// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; import * as enums from "../types/enums"; import {RoutingRule} from "../s3"; export interface GetAvailabilityZoneFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetAvailabilityZoneFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetAvailabilityZonesFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetAvailabilityZonesFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetRegionsFilter { /** * Name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1]. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetRegionsFilterArgs { /** * Name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1]. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface ProviderAssumeRole { duration?: pulumi.Input; externalId?: pulumi.Input; policy?: pulumi.Input; policyArns?: pulumi.Input[]>; roleArn?: pulumi.Input; sessionName?: pulumi.Input; sourceIdentity?: pulumi.Input; tags?: pulumi.Input<{[key: string]: pulumi.Input}>; transitiveTagKeys?: pulumi.Input[]>; } export interface ProviderAssumeRoleWithWebIdentity { duration?: pulumi.Input; policy?: pulumi.Input; policyArns?: pulumi.Input[]>; roleArn?: pulumi.Input; sessionName?: pulumi.Input; webIdentityToken?: pulumi.Input; webIdentityTokenFile?: pulumi.Input; } export interface ProviderDefaultTags { tags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ProviderEndpoint { accessanalyzer?: pulumi.Input; account?: pulumi.Input; acm?: pulumi.Input; acmpca?: pulumi.Input; amg?: pulumi.Input; amp?: pulumi.Input; amplify?: pulumi.Input; apigateway?: pulumi.Input; apigatewayv2?: pulumi.Input; appautoscaling?: pulumi.Input; appconfig?: pulumi.Input; appflow?: pulumi.Input; appintegrations?: pulumi.Input; appintegrationsservice?: pulumi.Input; applicationautoscaling?: pulumi.Input; applicationinsights?: pulumi.Input; appmesh?: pulumi.Input; apprunner?: pulumi.Input; appstream?: pulumi.Input; appsync?: pulumi.Input; athena?: pulumi.Input; auditmanager?: pulumi.Input; autoscaling?: pulumi.Input; autoscalingplans?: pulumi.Input; backup?: pulumi.Input; batch?: pulumi.Input; beanstalk?: pulumi.Input; budgets?: pulumi.Input; ce?: pulumi.Input; chime?: pulumi.Input; chimesdkmediapipelines?: pulumi.Input; chimesdkvoice?: pulumi.Input; cleanrooms?: pulumi.Input; cloud9?: pulumi.Input; cloudcontrol?: pulumi.Input; cloudcontrolapi?: pulumi.Input; cloudformation?: pulumi.Input; cloudfront?: pulumi.Input; cloudhsm?: pulumi.Input; cloudhsmv2?: pulumi.Input; cloudsearch?: pulumi.Input; cloudtrail?: pulumi.Input; cloudwatch?: pulumi.Input; cloudwatchevents?: pulumi.Input; cloudwatchevidently?: pulumi.Input; cloudwatchlog?: pulumi.Input; cloudwatchlogs?: pulumi.Input; cloudwatchobservabilityaccessmanager?: pulumi.Input; cloudwatchrum?: pulumi.Input; codeartifact?: pulumi.Input; codebuild?: pulumi.Input; codecatalyst?: pulumi.Input; codecommit?: pulumi.Input; codedeploy?: pulumi.Input; codegurureviewer?: pulumi.Input; codepipeline?: pulumi.Input; codestarconnections?: pulumi.Input; codestarnotifications?: pulumi.Input; cognitoidentity?: pulumi.Input; cognitoidentityprovider?: pulumi.Input; cognitoidp?: pulumi.Input; comprehend?: pulumi.Input; computeoptimizer?: pulumi.Input; config?: pulumi.Input; configservice?: pulumi.Input; connect?: pulumi.Input; controltower?: pulumi.Input; costandusagereportservice?: pulumi.Input; costexplorer?: pulumi.Input; cur?: pulumi.Input; databasemigration?: pulumi.Input; databasemigrationservice?: pulumi.Input; dataexchange?: pulumi.Input; datapipeline?: pulumi.Input; datasync?: pulumi.Input; dax?: pulumi.Input; deploy?: pulumi.Input; detective?: pulumi.Input; devicefarm?: pulumi.Input; directconnect?: pulumi.Input; directoryservice?: pulumi.Input; dlm?: pulumi.Input; dms?: pulumi.Input; docdb?: pulumi.Input; docdbelastic?: pulumi.Input; ds?: pulumi.Input; dynamodb?: pulumi.Input; ec2?: pulumi.Input; ecr?: pulumi.Input; ecrpublic?: pulumi.Input; ecs?: pulumi.Input; efs?: pulumi.Input; eks?: pulumi.Input; elasticache?: pulumi.Input; elasticbeanstalk?: pulumi.Input; elasticloadbalancing?: pulumi.Input; elasticloadbalancingv2?: pulumi.Input; elasticsearch?: pulumi.Input; elasticsearchservice?: pulumi.Input; elastictranscoder?: pulumi.Input; elb?: pulumi.Input; elbv2?: pulumi.Input; emr?: pulumi.Input; emrcontainers?: pulumi.Input; emrserverless?: pulumi.Input; es?: pulumi.Input; eventbridge?: pulumi.Input; events?: pulumi.Input; evidently?: pulumi.Input; finspace?: pulumi.Input; firehose?: pulumi.Input; fis?: pulumi.Input; fms?: pulumi.Input; fsx?: pulumi.Input; gamelift?: pulumi.Input; glacier?: pulumi.Input; globalaccelerator?: pulumi.Input; glue?: pulumi.Input; grafana?: pulumi.Input; greengrass?: pulumi.Input; guardduty?: pulumi.Input; healthlake?: pulumi.Input; iam?: pulumi.Input; identitystore?: pulumi.Input; imagebuilder?: pulumi.Input; inspector?: pulumi.Input; inspector2?: pulumi.Input; inspectorv2?: pulumi.Input; internetmonitor?: pulumi.Input; iot?: pulumi.Input; iotanalytics?: pulumi.Input; iotevents?: pulumi.Input; ivs?: pulumi.Input; ivschat?: pulumi.Input; kafka?: pulumi.Input; kafkaconnect?: pulumi.Input; kendra?: pulumi.Input; keyspaces?: pulumi.Input; kinesis?: pulumi.Input; kinesisanalytics?: pulumi.Input; kinesisanalyticsv2?: pulumi.Input; kinesisvideo?: pulumi.Input; kms?: pulumi.Input; lakeformation?: pulumi.Input; lambda?: pulumi.Input; lex?: pulumi.Input; lexmodelbuilding?: pulumi.Input; lexmodelbuildingservice?: pulumi.Input; lexmodels?: pulumi.Input; lexmodelsv2?: pulumi.Input; lexv2models?: pulumi.Input; licensemanager?: pulumi.Input; lightsail?: pulumi.Input; location?: pulumi.Input; locationservice?: pulumi.Input; logs?: pulumi.Input; macie2?: pulumi.Input; managedgrafana?: pulumi.Input; mediaconnect?: pulumi.Input; mediaconvert?: pulumi.Input; medialive?: pulumi.Input; mediapackage?: pulumi.Input; mediastore?: pulumi.Input; memorydb?: pulumi.Input; mq?: pulumi.Input; msk?: pulumi.Input; mwaa?: pulumi.Input; neptune?: pulumi.Input; networkfirewall?: pulumi.Input; networkmanager?: pulumi.Input; oam?: pulumi.Input; opensearch?: pulumi.Input; opensearchserverless?: pulumi.Input; opensearchservice?: pulumi.Input; opsworks?: pulumi.Input; organizations?: pulumi.Input; outposts?: pulumi.Input; pinpoint?: pulumi.Input; pipes?: pulumi.Input; pricing?: pulumi.Input; prometheus?: pulumi.Input; prometheusservice?: pulumi.Input; qldb?: pulumi.Input; quicksight?: pulumi.Input; ram?: pulumi.Input; rbin?: pulumi.Input; rds?: pulumi.Input; recyclebin?: pulumi.Input; redshift?: pulumi.Input; redshiftdata?: pulumi.Input; redshiftdataapiservice?: pulumi.Input; redshiftserverless?: pulumi.Input; resourceexplorer2?: pulumi.Input; resourcegroups?: pulumi.Input; resourcegroupstagging?: pulumi.Input; resourcegroupstaggingapi?: pulumi.Input; rolesanywhere?: pulumi.Input; route53?: pulumi.Input; route53domains?: pulumi.Input; route53recoverycontrolconfig?: pulumi.Input; route53recoveryreadiness?: pulumi.Input; route53resolver?: pulumi.Input; rum?: pulumi.Input; s3?: pulumi.Input; s3api?: pulumi.Input; s3control?: pulumi.Input; s3outposts?: pulumi.Input; sagemaker?: pulumi.Input; scheduler?: pulumi.Input; schemas?: pulumi.Input; sdb?: pulumi.Input; secretsmanager?: pulumi.Input; securityhub?: pulumi.Input; securitylake?: pulumi.Input; serverlessapplicationrepository?: pulumi.Input; serverlessapprepo?: pulumi.Input; serverlessrepo?: pulumi.Input; servicecatalog?: pulumi.Input; servicediscovery?: pulumi.Input; servicequotas?: pulumi.Input; ses?: pulumi.Input; sesv2?: pulumi.Input; sfn?: pulumi.Input; shield?: pulumi.Input; signer?: pulumi.Input; simpledb?: pulumi.Input; sns?: pulumi.Input; sqs?: pulumi.Input; ssm?: pulumi.Input; ssmcontacts?: pulumi.Input; ssmincidents?: pulumi.Input; ssoadmin?: pulumi.Input; stepfunctions?: pulumi.Input; storagegateway?: pulumi.Input; sts?: pulumi.Input; swf?: pulumi.Input; synthetics?: pulumi.Input; timestreamwrite?: pulumi.Input; transcribe?: pulumi.Input; transcribeservice?: pulumi.Input; transfer?: pulumi.Input; verifiedpermissions?: pulumi.Input; vpclattice?: pulumi.Input; waf?: pulumi.Input; wafregional?: pulumi.Input; wafv2?: pulumi.Input; worklink?: pulumi.Input; workspaces?: pulumi.Input; xray?: pulumi.Input; } export interface ProviderIgnoreTags { keyPrefixes?: pulumi.Input[]>; keys?: pulumi.Input[]>; } export namespace accessanalyzer { export interface ArchiveRuleFilter { /** * Contains comparator. */ contains?: pulumi.Input[]>; /** * Filter criteria. */ criteria: pulumi.Input; /** * Equals comparator. */ eqs?: pulumi.Input[]>; /** * Boolean comparator. */ exists?: pulumi.Input; /** * Not Equals comparator. */ neqs?: pulumi.Input[]>; } } export namespace acm { export interface CertificateDomainValidationOption { /** * Fully qualified domain name (FQDN) in the certificate. */ domainName?: pulumi.Input; /** * The name of the DNS record to create to validate the certificate */ resourceRecordName?: pulumi.Input; /** * The type of DNS record to create */ resourceRecordType?: pulumi.Input; /** * The value the DNS record needs to have */ resourceRecordValue?: pulumi.Input; } export interface CertificateOptions { /** * Whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details. */ certificateTransparencyLoggingPreference?: pulumi.Input; } export interface CertificateRenewalSummary { /** * The status of ACM's managed renewal of the certificate */ renewalStatus?: pulumi.Input; /** * The reason that a renewal request was unsuccessful or is pending */ renewalStatusReason?: pulumi.Input; updatedAt?: pulumi.Input; } export interface CertificateValidationOption { /** * Fully qualified domain name (FQDN) in the certificate. */ domainName: pulumi.Input; /** * Domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `domainName` value or a superdomain of the `domainName` value. For example, if you request a certificate for `"testing.example.com"`, you can specify `"example.com"` for this value. */ validationDomain: pulumi.Input; } } export namespace acmpca { export interface CertificateAuthorityCertificateAuthorityConfiguration { /** * Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html). */ keyAlgorithm: pulumi.Input; /** * Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html). */ signingAlgorithm: pulumi.Input; /** * Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified. */ subject: pulumi.Input; } export interface CertificateAuthorityCertificateAuthorityConfigurationSubject { /** * Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length. */ commonName?: pulumi.Input; /** * Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length. */ country?: pulumi.Input; /** * Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length. */ distinguishedNameQualifier?: pulumi.Input; /** * Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length. */ generationQualifier?: pulumi.Input; /** * First name. Must be less than or equal to 16 characters in length. */ givenName?: pulumi.Input; /** * Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length. */ initials?: pulumi.Input; /** * Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length. */ locality?: pulumi.Input; /** * Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length. */ organization?: pulumi.Input; /** * Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length. */ organizationalUnit?: pulumi.Input; /** * Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length. */ pseudonym?: pulumi.Input; /** * State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length. */ state?: pulumi.Input; /** * Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length. */ surname?: pulumi.Input; /** * Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length. */ title?: pulumi.Input; } export interface CertificateAuthorityRevocationConfiguration { /** * Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below. */ crlConfiguration?: pulumi.Input; /** * Nested argument containing configuration of * the custom OCSP responder endpoint. Defined below. */ ocspConfiguration?: pulumi.Input; } export interface CertificateAuthorityRevocationConfigurationCrlConfiguration { /** * Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length. */ customCname?: pulumi.Input; /** * Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`. */ enabled?: pulumi.Input; /** * Number of days until a certificate expires. Must be between 1 and 5000. */ expirationInDays?: pulumi.Input; /** * Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length. */ s3BucketName?: pulumi.Input; /** * Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`. */ s3ObjectAcl?: pulumi.Input; } export interface CertificateAuthorityRevocationConfigurationOcspConfiguration { /** * Boolean value that specifies whether a custom OCSP responder is enabled. */ enabled: pulumi.Input; /** * CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://". */ ocspCustomCname?: pulumi.Input; } export interface CertificateValidity { /** * Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`. */ type: pulumi.Input; /** * If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format. */ value: pulumi.Input; } } export namespace alb { export interface ListenerDefaultAction { /** * Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. Detailed below. */ authenticateCognito?: pulumi.Input; /** * Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. Detailed below. */ authenticateOidc?: pulumi.Input; /** * Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. */ fixedResponse?: pulumi.Input; /** * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `targetGroupArn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `targetGroupArn`. Detailed below. */ forward?: pulumi.Input; /** * Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. */ order?: pulumi.Input; /** * Configuration block for creating a redirect action. Required if `type` is `redirect`. Detailed below. */ redirect?: pulumi.Input; /** * ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. */ targetGroupArn?: pulumi.Input; /** * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. * * The following arguments are optional: */ type: pulumi.Input; } export interface ListenerDefaultActionAuthenticateCognito { /** * Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Behavior if the user is not authenticated. Valid values are `deny`, `allow` and `authenticate`. */ onUnauthenticatedRequest?: pulumi.Input; /** * Set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * Name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * Maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * ARN of the Cognito user pool. */ userPoolArn: pulumi.Input; /** * ID of the Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * Domain prefix or fully-qualified domain name of the Cognito user pool. * * The following arguments are optional: */ userPoolDomain: pulumi.Input; } export interface ListenerDefaultActionAuthenticateOidc { /** * Query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Authorization endpoint of the IdP. */ authorizationEndpoint: pulumi.Input; /** * OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * OAuth 2.0 client secret. */ clientSecret: pulumi.Input; /** * OIDC issuer identifier of the IdP. */ issuer: pulumi.Input; /** * Behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * Set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * Name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * Maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * Token endpoint of the IdP. */ tokenEndpoint: pulumi.Input; /** * User info endpoint of the IdP. * * The following arguments are optional: */ userInfoEndpoint: pulumi.Input; } export interface ListenerDefaultActionFixedResponse { /** * Content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`. * * The following arguments are optional: */ contentType: pulumi.Input; /** * Message body. */ messageBody?: pulumi.Input; /** * HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`. */ statusCode?: pulumi.Input; } export interface ListenerDefaultActionForward { /** * Configuration block for target group stickiness for the rule. Detailed below. */ stickiness?: pulumi.Input; /** * Set of 1-5 target group blocks. Detailed below. * * The following arguments are optional: */ targetGroups: pulumi.Input[]>; } export interface ListenerDefaultActionForwardStickiness { /** * Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). * * The following arguments are optional: */ duration: pulumi.Input; /** * Whether target group stickiness is enabled. Default is `false`. */ enabled?: pulumi.Input; } export interface ListenerDefaultActionForwardTargetGroup { /** * ARN of the target group. * * The following arguments are optional: */ arn: pulumi.Input; /** * Weight. The range is 0 to 999. */ weight?: pulumi.Input; } export interface ListenerDefaultActionRedirect { /** * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. */ host?: pulumi.Input; /** * Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`. */ path?: pulumi.Input; /** * Port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`. */ port?: pulumi.Input; /** * Protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`. */ protocol?: pulumi.Input; /** * Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to `#{query}`. */ query?: pulumi.Input; /** * HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`). * * The following arguments are optional: */ statusCode: pulumi.Input; } export interface ListenerRuleAction { /** * Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`. */ authenticateCognito?: pulumi.Input; /** * Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`. */ authenticateOidc?: pulumi.Input; /** * Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. */ fixedResponse?: pulumi.Input; /** * Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `targetGroupArn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `targetGroupArn`. */ forward?: pulumi.Input; order?: pulumi.Input; /** * Information for creating a redirect action. Required if `type` is `redirect`. */ redirect?: pulumi.Input; /** * The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. */ targetGroupArn?: pulumi.Input; /** * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. */ type: pulumi.Input; } export interface ListenerRuleActionAuthenticateCognito { /** * The query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * The ARN of the Cognito user pool. */ userPoolArn: pulumi.Input; /** * The ID of the Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * The domain prefix or fully-qualified domain name of the Cognito user pool. */ userPoolDomain: pulumi.Input; } export interface ListenerRuleActionAuthenticateOidc { /** * The query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The authorization endpoint of the IdP. */ authorizationEndpoint: pulumi.Input; /** * The OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * The OAuth 2.0 client secret. */ clientSecret: pulumi.Input; /** * The OIDC issuer identifier of the IdP. */ issuer: pulumi.Input; /** * The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * The token endpoint of the IdP. */ tokenEndpoint: pulumi.Input; /** * The user info endpoint of the IdP. */ userInfoEndpoint: pulumi.Input; } export interface ListenerRuleActionFixedResponse { /** * The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`. */ contentType: pulumi.Input; /** * The message body. */ messageBody?: pulumi.Input; /** * The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`. */ statusCode?: pulumi.Input; } export interface ListenerRuleActionForward { /** * The target group stickiness for the rule. */ stickiness?: pulumi.Input; /** * One or more target groups block. */ targetGroups: pulumi.Input[]>; } export interface ListenerRuleActionForwardStickiness { /** * The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). */ duration: pulumi.Input; /** * Indicates whether target group stickiness is enabled. */ enabled?: pulumi.Input; } export interface ListenerRuleActionForwardTargetGroup { /** * The Amazon Resource Name (ARN) of the target group. */ arn: pulumi.Input; /** * The weight. The range is 0 to 999. */ weight?: pulumi.Input; } export interface ListenerRuleActionRedirect { /** * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. */ host?: pulumi.Input; /** * The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`. */ path?: pulumi.Input; /** * The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`. */ port?: pulumi.Input; /** * The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`. */ protocol?: pulumi.Input; /** * The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to `#{query}`. */ query?: pulumi.Input; /** * The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`). */ statusCode: pulumi.Input; } export interface ListenerRuleCondition { /** * Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. */ hostHeader?: pulumi.Input; /** * HTTP headers to match. HTTP Header block fields documented below. */ httpHeader?: pulumi.Input; /** * Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. */ httpRequestMethod?: pulumi.Input; /** * Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `queryString` condition. */ pathPattern?: pulumi.Input; /** * Query strings to match. Query String block fields documented below. */ queryStrings?: pulumi.Input[]>; /** * Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `httpHeader` condition instead. * * > **NOTE::** Exactly one of `hostHeader`, `httpHeader`, `httpRequestMethod`, `pathPattern`, `queryString` or `sourceIp` must be set per condition. */ sourceIp?: pulumi.Input; } export interface ListenerRuleConditionHostHeader { /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. * * * Query String Value Blocks (for `query_string.values`) support the following: */ values: pulumi.Input[]>; } export interface ListenerRuleConditionHttpHeader { /** * Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead. */ httpHeaderName: pulumi.Input; /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. */ values: pulumi.Input[]>; } export interface ListenerRuleConditionHttpRequestMethod { /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. * * * Query String Value Blocks (for `query_string.values`) support the following: */ values: pulumi.Input[]>; } export interface ListenerRuleConditionPathPattern { /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. * * * Query String Value Blocks (for `query_string.values`) support the following: */ values: pulumi.Input[]>; } export interface ListenerRuleConditionQueryString { /** * Query string key pattern to match. */ key?: pulumi.Input; /** * Query string value pattern to match. */ value: pulumi.Input; } export interface ListenerRuleConditionSourceIp { /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. * * * Query String Value Blocks (for `query_string.values`) support the following: */ values: pulumi.Input[]>; } export interface LoadBalancerAccessLogs { /** * The S3 bucket name to store the logs in. */ bucket: pulumi.Input; /** * Boolean to enable / disable `accessLogs`. Defaults to `false`, even when `bucket` is specified. */ enabled?: pulumi.Input; /** * The S3 bucket prefix. Logs are stored in the root if not configured. */ prefix?: pulumi.Input; } export interface LoadBalancerSubnetMapping { /** * The allocation ID of the Elastic IP address for an internet-facing load balancer. */ allocationId?: pulumi.Input; /** * The IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers. */ ipv6Address?: pulumi.Input; outpostId?: pulumi.Input; /** * The private IPv4 address for an internal load balancer. */ privateIpv4Address?: pulumi.Input; /** * ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone. */ subnetId: pulumi.Input; } export interface TargetGroupHealthCheck { /** * Whether health checks are enabled. Defaults to `true`. */ enabled?: pulumi.Input; /** * Number of consecutive health check successes required before considering a target healthy. The range is 2-10. Defaults to 3. */ healthyThreshold?: pulumi.Input; /** * Approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. For `lambda` target groups, it needs to be greater than the timeout of the underlying `lambda`. Defaults to 30. */ interval?: pulumi.Input; /** * Response codes to use when checking for a healthy responses from a target. You can specify multiple values (for example, "200,202" for HTTP(s) or "0,12" for GRPC) or a range of values (for example, "200-299" or "0-99"). Required for HTTP/HTTPS/GRPC ALB. Only applies to Application Load Balancers (i.e., HTTP/HTTPS/GRPC) not Network Load Balancers (i.e., TCP). */ matcher?: pulumi.Input; /** * Destination for the health check request. Required for HTTP/HTTPS ALB and HTTP NLB. Only applies to HTTP/HTTPS. */ path?: pulumi.Input; /** * The port the load balancer uses when performing health checks on targets. Default is traffic-port. */ port?: pulumi.Input; /** * Protocol the load balancer uses when performing health checks on targets. Must be either `TCP`, `HTTP`, or `HTTPS`. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. Defaults to HTTP. */ protocol?: pulumi.Input; /** * Amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is lambda, the default is 30 seconds. */ timeout?: pulumi.Input; /** * Number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. Defaults to 3. */ unhealthyThreshold?: pulumi.Input; } export interface TargetGroupStickiness { /** * Only used when the type is `lbCookie`. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). */ cookieDuration?: pulumi.Input; /** * Name of the application based cookie. AWSALB, AWSALBAPP, and AWSALBTG prefixes are reserved and cannot be used. Only needed when type is `appCookie`. */ cookieName?: pulumi.Input; /** * Boolean to enable / disable `stickiness`. Default is `true`. */ enabled?: pulumi.Input; /** * The type of sticky sessions. The only current possible values are `lbCookie`, `appCookie` for ALBs, `sourceIp` for NLBs, and `sourceIpDestIp`, `sourceIpDestIpProto` for GWLBs. */ type: pulumi.Input; } export interface TargetGroupTargetFailover { /** * Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `noRebalance`. Must match the attribute value set for `onUnhealthy`. Default: `noRebalance`. */ onDeregistration: pulumi.Input; /** * Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `noRebalance`. Must match the attribute value set for `onDeregistration`. Default: `noRebalance`. */ onUnhealthy: pulumi.Input; } } export namespace amp { export interface WorkspaceLoggingConfiguration { /** * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. */ logGroupArn: pulumi.Input; } } export namespace amplify { export interface AppAutoBranchCreationConfig { /** * Basic authorization credentials for the autocreated branch. */ basicAuthCredentials?: pulumi.Input; /** * Build specification (build spec) for the autocreated branch. */ buildSpec?: pulumi.Input; /** * Enables auto building for the autocreated branch. */ enableAutoBuild?: pulumi.Input; /** * Enables basic authorization for the autocreated branch. */ enableBasicAuth?: pulumi.Input; /** * Enables performance mode for the branch. */ enablePerformanceMode?: pulumi.Input; /** * Enables pull request previews for the autocreated branch. */ enablePullRequestPreview?: pulumi.Input; /** * Environment variables for the autocreated branch. */ environmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Framework for the autocreated branch. */ framework?: pulumi.Input; /** * Amplify environment name for the pull request. */ pullRequestEnvironmentName?: pulumi.Input; /** * Describes the current stage for the autocreated branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`. */ stage?: pulumi.Input; } export interface AppCustomRule { /** * Condition for a URL rewrite or redirect rule, such as a country code. */ condition?: pulumi.Input; /** * Source pattern for a URL rewrite or redirect rule. */ source: pulumi.Input; /** * Status code for a URL rewrite or redirect rule. Valid values: `200`, `301`, `302`, `404`, `404-200`. */ status?: pulumi.Input; /** * Target pattern for a URL rewrite or redirect rule. */ target: pulumi.Input; } export interface AppProductionBranch { /** * Branch name for the production branch. */ branchName?: pulumi.Input; /** * Last deploy time of the production branch. */ lastDeployTime?: pulumi.Input; /** * Status code for a URL rewrite or redirect rule. Valid values: `200`, `301`, `302`, `404`, `404-200`. */ status?: pulumi.Input; /** * Thumbnail URL for the production branch. */ thumbnailUrl?: pulumi.Input; } export interface DomainAssociationSubDomain { /** * Branch name setting for the subdomain. */ branchName: pulumi.Input; /** * DNS record for the subdomain. */ dnsRecord?: pulumi.Input; /** * Prefix setting for the subdomain. */ prefix: pulumi.Input; /** * Verified status of the subdomain. */ verified?: pulumi.Input; } } export namespace apigateway { export interface AccountThrottleSetting { /** * Absolute maximum number of times API Gateway allows the API to be called per second (RPS). */ burstLimit?: pulumi.Input; /** * Number of times API Gateway allows the API to be called per second on average (RPS). */ rateLimit?: pulumi.Input; } export interface DocumentationPartLocation { /** * HTTP verb of a method. The default value is `*` for any method. */ method?: pulumi.Input; /** * Name of the targeted API entity. */ name?: pulumi.Input; /** * URL path of the target. The default value is `/` for the root resource. */ path?: pulumi.Input; /** * HTTP status code of a response. The default value is `*` for any status code. */ statusCode?: pulumi.Input; /** * Type of API entity to which the documentation content appliesE.g., `API`, `METHOD` or `REQUEST_BODY` */ type: pulumi.Input; } export interface DomainNameEndpointConfiguration { /** * List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE` or `REGIONAL`. If unspecified, defaults to `EDGE`. Must be declared as `REGIONAL` in non-Commercial partitions. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs. */ types: pulumi.Input; } export interface DomainNameMutualTlsAuthentication { /** * Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. */ truststoreUri: pulumi.Input; /** * Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } export interface IntegrationTlsConfig { /** * Whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a [supported certificate authority](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-supported-certificate-authorities-for-http-endpoints.html). This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate's expiration date, hostname, and presence of a root certificate authority. Supported only for `HTTP` and `HTTP_PROXY` integrations. */ insecureSkipVerification?: pulumi.Input; } export interface MethodSettingsSettings { /** * Whether the cached responses are encrypted. */ cacheDataEncrypted?: pulumi.Input; /** * Time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached. */ cacheTtlInSeconds?: pulumi.Input; /** * Whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached. */ cachingEnabled?: pulumi.Input; /** * Whether data trace logging is enabled for this method, which effects the log entries pushed to Amazon CloudWatch Logs. */ dataTraceEnabled?: pulumi.Input; /** * Logging level for this method, which effects the log entries pushed to Amazon CloudWatch Logs. The available levels are `OFF`, `ERROR`, and `INFO`. */ loggingLevel?: pulumi.Input; /** * Whether Amazon CloudWatch metrics are enabled for this method. */ metricsEnabled?: pulumi.Input; /** * Whether authorization is required for a cache invalidation request. */ requireAuthorizationForCacheControl?: pulumi.Input; /** * Throttling burst limit. Default: `-1` (throttling disabled). */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit. Default: `-1` (throttling disabled). */ throttlingRateLimit?: pulumi.Input; /** * How to handle unauthorized requests for cache invalidation. The available values are `FAIL_WITH_403`, `SUCCEED_WITH_RESPONSE_HEADER`, `SUCCEED_WITHOUT_RESPONSE_HEADER`. */ unauthorizedCacheControlHeaderStrategy?: pulumi.Input; } export interface RestApiEndpointConfiguration { /** * List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE`, `REGIONAL` or `PRIVATE`. If unspecified, defaults to `EDGE`. If set to `PRIVATE` recommend to set `putRestApiMode` = `merge` to not cause the endpoints and associated Route53 records to be deleted. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs. */ types: pulumi.Input; /** * Set of VPC Endpoint identifiers. It is only supported for `PRIVATE` endpoint type. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `vpcEndpointIds` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is provided and is different than the OpenAPI value, **the argument value will override the OpenAPI value**. */ vpcEndpointIds?: pulumi.Input[]>; } export interface StageAccessLogSettings { /** * ARN of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-`. Automatically removes trailing `:*` if present. */ destinationArn: pulumi.Input; /** * Formatting and values recorded in the logs. * For more information on configuring the log format rules visit the AWS [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html) */ format: pulumi.Input; } export interface StageCanarySettings { /** * Percent `0.0` - `100.0` of traffic to divert to the canary deployment. */ percentTraffic?: pulumi.Input; /** * Map of overridden stage `variables` (including new variables) for the canary deployment. */ stageVariableOverrides?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Whether the canary deployment uses the stage cache. Defaults to false. */ useStageCache?: pulumi.Input; } export interface UsagePlanApiStage { /** * API Id of the associated API stage in a usage plan. */ apiId: pulumi.Input; /** * API stage name of the associated API stage in a usage plan. */ stage: pulumi.Input; /** * The throttling limits of the usage plan. */ throttles?: pulumi.Input[]>; } export interface UsagePlanApiStageThrottle { /** * The API request burst limit, the maximum rate limit over a time ranging from one to a few seconds, depending upon whether the underlying token bucket is at its full capacity. */ burstLimit?: pulumi.Input; /** * Method to apply the throttle settings for. Specfiy the path and method, for example `/test/GET`. */ path: pulumi.Input; /** * The API request steady-state rate limit. */ rateLimit?: pulumi.Input; } export interface UsagePlanQuotaSettings { /** * Maximum number of requests that can be made in a given time period. */ limit: pulumi.Input; /** * Number of requests subtracted from the given limit in the initial time period. */ offset?: pulumi.Input; /** * Time period in which the limit applies. Valid values are "DAY", "WEEK" or "MONTH". */ period: pulumi.Input; } export interface UsagePlanThrottleSettings { /** * The API request burst limit, the maximum rate limit over a time ranging from one to a few seconds, depending upon whether the underlying token bucket is at its full capacity. */ burstLimit?: pulumi.Input; /** * The API request steady-state rate limit. */ rateLimit?: pulumi.Input; } } export namespace apigatewayv2 { export interface ApiCorsConfiguration { /** * Whether credentials are included in the CORS request. */ allowCredentials?: pulumi.Input; /** * Set of allowed HTTP headers. */ allowHeaders?: pulumi.Input[]>; /** * Set of allowed HTTP methods. */ allowMethods?: pulumi.Input[]>; /** * Set of allowed origins. */ allowOrigins?: pulumi.Input[]>; /** * Set of exposed HTTP headers. */ exposeHeaders?: pulumi.Input[]>; /** * Number of seconds that the browser should cache preflight request results. */ maxAge?: pulumi.Input; } export interface AuthorizerJwtConfiguration { /** * List of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. */ audiences?: pulumi.Input[]>; /** * Base domain of the identity provider that issues JSON Web Tokens, such as the `endpoint` attribute of the `aws.cognito.UserPool` resource. */ issuer?: pulumi.Input; } export interface DomainNameDomainNameConfiguration { /** * ARN of an AWS-managed certificate that will be used by the endpoint for the domain name. AWS Certificate Manager is the only supported source. Use the `aws.acm.Certificate` resource to configure an ACM certificate. */ certificateArn: pulumi.Input; /** * Endpoint type. Valid values: `REGIONAL`. */ endpointType: pulumi.Input; /** * Amazon Route 53 Hosted Zone ID of the endpoint. */ hostedZoneId?: pulumi.Input; /** * ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificateArn` is issued via an ACM Private CA or `mutualTlsAuthentication` is configured with an ACM-imported certificate.) */ ownershipVerificationCertificateArn?: pulumi.Input; /** * Transport Layer Security (TLS) version of the [security policy](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html) for the domain name. Valid values: `TLS_1_2`. */ securityPolicy: pulumi.Input; /** * Target domain name. */ targetDomainName?: pulumi.Input; } export interface DomainNameMutualTlsAuthentication { /** * Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. */ truststoreUri: pulumi.Input; /** * Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } export interface IntegrationResponseParameter { /** * Key-value map. The key of this map identifies the location of the request parameter to change, and how to change it. The corresponding value specifies the new data for the parameter. * See the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details. */ mappings: pulumi.Input<{[key: string]: pulumi.Input}>; /** * HTTP status code in the range 200-599. */ statusCode: pulumi.Input; } export interface IntegrationTlsConfig { /** * If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting. */ serverNameToVerify?: pulumi.Input; } export interface RouteRequestParameter { /** * Request parameter key. This is a [request data mapping parameter](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-data-mapping.html#websocket-mapping-request-parameters). */ requestParameterKey: pulumi.Input; /** * Boolean whether or not the parameter is required. */ required: pulumi.Input; } export interface StageAccessLogSettings { /** * ARN of the CloudWatch Logs log group to receive access logs. Any trailing `:*` is trimmed from the ARN. */ destinationArn: pulumi.Input; /** * Single line [format](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#apigateway-cloudwatch-log-formats) of the access logs of data. Refer to log settings for [HTTP](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-logging-variables.html) or [Websocket](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-logging.html). */ format: pulumi.Input; } export interface StageDefaultRouteSettings { /** * Whether data trace logging is enabled for the default route. Affects the log entries pushed to Amazon CloudWatch Logs. * Defaults to `false`. Supported only for WebSocket APIs. */ dataTraceEnabled?: pulumi.Input; /** * Whether detailed metrics are enabled for the default route. Defaults to `false`. */ detailedMetricsEnabled?: pulumi.Input; /** * Logging level for the default route. Affects the log entries pushed to Amazon CloudWatch Logs. * Valid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration. */ loggingLevel?: pulumi.Input; /** * Throttling burst limit for the default route. */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit for the default route. */ throttlingRateLimit?: pulumi.Input; } export interface StageRouteSetting { /** * Whether data trace logging is enabled for the route. Affects the log entries pushed to Amazon CloudWatch Logs. * Defaults to `false`. Supported only for WebSocket APIs. */ dataTraceEnabled?: pulumi.Input; /** * Whether detailed metrics are enabled for the route. Defaults to `false`. */ detailedMetricsEnabled?: pulumi.Input; /** * Logging level for the route. Affects the log entries pushed to Amazon CloudWatch Logs. * Valid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration. */ loggingLevel?: pulumi.Input; /** * Route key. */ routeKey: pulumi.Input; /** * Throttling burst limit for the route. */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit for the route. */ throttlingRateLimit?: pulumi.Input; } } export namespace appautoscaling { export interface PolicyStepScalingPolicyConfiguration { /** * Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`. */ adjustmentType?: pulumi.Input; /** * Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start. */ cooldown?: pulumi.Input; /** * Aggregation type for the policy's metrics. Valid values are "Minimum", "Maximum", and "Average". Without a value, AWS will treat the aggregation type as "Average". */ metricAggregationType?: pulumi.Input; /** * Minimum number to adjust your scalable dimension as a result of a scaling activity. If the adjustment type is PercentChangeInCapacity, the scaling policy changes the scalable dimension of the scalable target by this amount. */ minAdjustmentMagnitude?: pulumi.Input; /** * Set of adjustments that manage scaling. These have the following structure: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const ecsPolicy = new aws.appautoscaling.Policy("ecsPolicy", {stepScalingPolicyConfiguration: { * stepAdjustments: [ * { * metricIntervalLowerBound: "1", * metricIntervalUpperBound: "2", * scalingAdjustment: -1, * }, * { * metricIntervalLowerBound: "2", * metricIntervalUpperBound: "3", * scalingAdjustment: 1, * }, * ], * }}); * ``` */ stepAdjustments?: pulumi.Input[]>; } export interface PolicyStepScalingPolicyConfigurationStepAdjustment { /** * Lower bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as negative infinity. */ metricIntervalLowerBound?: pulumi.Input; /** * Upper bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as infinity. The upper bound must be greater than the lower bound. */ metricIntervalUpperBound?: pulumi.Input; /** * Number of members by which to scale, when the adjustment bounds are breached. A positive value scales up. A negative value scales down. */ scalingAdjustment: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfiguration { /** * Custom CloudWatch metric. Documentation can be found at: [AWS Customized Metric Specification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_CustomizedMetricSpecification.html). See supported fields below. */ customizedMetricSpecification?: pulumi.Input; /** * Whether scale in by the target tracking policy is disabled. If the value is true, scale in is disabled and the target tracking policy won't remove capacity from the scalable resource. Otherwise, scale in is enabled and the target tracking policy can remove capacity from the scalable resource. The default value is `false`. */ disableScaleIn?: pulumi.Input; /** * Predefined metric. See supported fields below. */ predefinedMetricSpecification?: pulumi.Input; /** * Amount of time, in seconds, after a scale in activity completes before another scale in activity can start. */ scaleInCooldown?: pulumi.Input; /** * Amount of time, in seconds, after a scale out activity completes before another scale out activity can start. */ scaleOutCooldown?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification { /** * Configuration block(s) with the dimensions of the metric if the metric was published with dimensions. Detailed below. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName?: pulumi.Input; /** * Metrics to include, as a metric data query. */ metrics?: pulumi.Input[]>; /** * Namespace of the metric. */ namespace?: pulumi.Input; /** * Statistic of the metric. Valid values: `Average`, `Minimum`, `Maximum`, `SampleCount`, and `Sum`. */ statistic?: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension { /** * Name of the policy. Must be between 1 and 255 characters in length. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in target tracking scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric { /** * Configuration block(s) with the dimensions of the metric if the metric was published with dimensions. Detailed below. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension { /** * Name of the policy. Must be between 1 and 255 characters in length. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification { /** * Metric type. */ predefinedMetricType: pulumi.Input; /** * Reserved for future use if the `predefinedMetricType` is not `ALBRequestCountPerTarget`. If the `predefinedMetricType` is `ALBRequestCountPerTarget`, you must specify this argument. Documentation can be found at: [AWS Predefined Scaling Metric Specification](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html). Must be less than or equal to 1023 characters in length. */ resourceLabel?: pulumi.Input; } export interface ScheduledActionScalableTargetAction { /** * Maximum capacity. At least one of `maxCapacity` or `minCapacity` must be set. */ maxCapacity?: pulumi.Input; /** * Minimum capacity. At least one of `minCapacity` or `maxCapacity` must be set. */ minCapacity?: pulumi.Input; } } export namespace appconfig { export interface ConfigurationProfileValidator { /** * Either the JSON Schema content or the ARN of an AWS Lambda function. */ content?: pulumi.Input; /** * Type of validator. Valid values: `JSON_SCHEMA` and `LAMBDA`. */ type: pulumi.Input; } export interface EnvironmentMonitor { /** * ARN of the Amazon CloudWatch alarm. */ alarmArn: pulumi.Input; /** * ARN of an IAM role for AWS AppConfig to monitor `alarmArn`. */ alarmRoleArn?: pulumi.Input; } export interface EventIntegrationEventFilter { /** * Source of the events. */ source: pulumi.Input; } export interface ExtensionActionPoint { /** * An action defines the tasks the extension performs during the AppConfig workflow. Detailed below. */ actions: pulumi.Input[]>; /** * The point at which to perform the defined actions. Valid points are `PRE_CREATE_HOSTED_CONFIGURATION_VERSION`, `PRE_START_DEPLOYMENT`, `ON_DEPLOYMENT_START`, `ON_DEPLOYMENT_STEP`, `ON_DEPLOYMENT_BAKING`, `ON_DEPLOYMENT_COMPLETE`, `ON_DEPLOYMENT_ROLLED_BACK`. */ point: pulumi.Input; } export interface ExtensionActionPointAction { /** * Information about the action. */ description?: pulumi.Input; /** * The action name. */ name: pulumi.Input; /** * An Amazon Resource Name (ARN) for an Identity and Access Management assume role. */ roleArn: pulumi.Input; /** * The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus. */ uri: pulumi.Input; } export interface ExtensionParameter { /** * Information about the parameter. */ description?: pulumi.Input; /** * The parameter name. */ name: pulumi.Input; /** * Determines if a parameter value must be specified in the extension association. */ required?: pulumi.Input; } } export namespace appflow { export interface ConnectorProfileConnectorProfileConfig { /** * The connector-specific credentials required by each connector. See Connector Profile Credentials for more details. */ connectorProfileCredentials: pulumi.Input; /** * The connector-specific properties of the profile configuration. See Connector Profile Properties for more details. */ connectorProfileProperties: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentials { /** * The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details. */ amplitude?: pulumi.Input; /** * The connector-specific profile credentials required when using the custom connector. See Custom Connector Profile Credentials for more details. */ customConnector?: pulumi.Input; /** * Connector-specific credentials required when using Datadog. See Datadog Connector Profile Credentials for more details. */ datadog?: pulumi.Input; /** * The connector-specific credentials required when using Dynatrace. See Dynatrace Connector Profile Credentials for more details. */ dynatrace?: pulumi.Input; /** * The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details. */ googleAnalytics?: pulumi.Input; /** * The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details. */ honeycode?: pulumi.Input; /** * The connector-specific credentials required when using Infor Nexus. See Infor Nexus Connector Profile Credentials for more details. */ inforNexus?: pulumi.Input; /** * Connector-specific credentials required when using Marketo. See Marketo Connector Profile Credentials for more details. */ marketo?: pulumi.Input; /** * Connector-specific credentials required when using Amazon Redshift. See Redshift Connector Profile Credentials for more details. */ redshift?: pulumi.Input; /** * The connector-specific credentials required when using Salesforce. See Salesforce Connector Profile Credentials for more details. */ salesforce?: pulumi.Input; /** * The connector-specific credentials required when using SAPOData. See SAPOData Connector Profile Credentials for more details. */ sapoData?: pulumi.Input; /** * The connector-specific credentials required when using ServiceNow. See ServiceNow Connector Profile Credentials for more details. */ serviceNow?: pulumi.Input; /** * Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details. */ singular?: pulumi.Input; /** * Connector-specific credentials required when using Slack. See Slack Connector Profile Credentials for more details. */ slack?: pulumi.Input; /** * The connector-specific credentials required when using Snowflake. See Snowflake Connector Profile Credentials for more details. */ snowflake?: pulumi.Input; /** * The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details. */ trendmicro?: pulumi.Input; /** * Connector-specific credentials required when using Veeva. See Veeva Connector Profile Credentials for more details. */ veeva?: pulumi.Input; /** * Connector-specific credentials required when using Zendesk. See Zendesk Connector Profile Credentials for more details. */ zendesk?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude { /** * Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; /** * The Secret Access Key portion of the credentials. */ secretKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector { /** * Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey?: pulumi.Input; /** * The authentication type that the custom connector uses for authenticating while creating a connector profile. One of: `APIKEY`, `BASIC`, `CUSTOM`, `OAUTH2`. */ authenticationType: pulumi.Input; /** * Basic credentials that are required for the authentication of the user. */ basic?: pulumi.Input; /** * If the connector uses the custom authentication mechanism, this holds the required credentials. */ custom?: pulumi.Input; /** * OAuth 2.0 credentials required for the authentication of the user. */ oauth2?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey { /** * Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; /** * The API secret key required for API key authentication. */ apiSecretKey?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom { /** * A map that holds custom authentication credentials. */ credentialsMap?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The custom authentication type that the connector uses. */ customAuthenticationType: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2 { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId?: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret?: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog { /** * Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; /** * Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. */ applicationKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace { /** * The API tokens used by Dynatrace API to authenticate various API calls. */ apiToken: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus { /** * The Access Key portion of the credentials. */ accessKeyId: pulumi.Input; /** * Encryption keys used to encrypt data. */ datakey: pulumi.Input; /** * The secret key used to sign requests. */ secretAccessKey: pulumi.Input; /** * Identifier for the user. */ userId: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The secret manager ARN, which contains the client ID and client secret of the connected app. */ clientCredentialsArn?: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData { /** * The SAPOData basic authentication credentials. */ basicAuthCredentials?: pulumi.Input; /** * The SAPOData OAuth type authentication credentials. */ oauthCredentials?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular { /** * Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro { /** * The API secret key required for API key authentication. */ apiSecretKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * Used by select connectors for which the OAuth workflow is supported. See OAuth Request for more details. */ oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileProperties { /** * The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details. */ amplitude?: pulumi.Input; /** * The connector-specific profile properties required when using the custom connector. See Custom Connector Profile Properties for more details. */ customConnector?: pulumi.Input; /** * Connector-specific properties required when using Datadog. See Generic Connector Profile Properties for more details. */ datadog?: pulumi.Input; /** * The connector-specific properties required when using Dynatrace. See Generic Connector Profile Properties for more details. */ dynatrace?: pulumi.Input; /** * The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details. */ googleAnalytics?: pulumi.Input; /** * The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details. */ honeycode?: pulumi.Input; /** * The connector-specific properties required when using Infor Nexus. See Generic Connector Profile Properties for more details. */ inforNexus?: pulumi.Input; /** * Connector-specific properties required when using Marketo. See Generic Connector Profile Properties for more details. */ marketo?: pulumi.Input; /** * Connector-specific properties required when using Amazon Redshift. See Redshift Connector Profile Properties for more details. */ redshift?: pulumi.Input; /** * The connector-specific properties required when using Salesforce. See Salesforce Connector Profile Properties for more details. */ salesforce?: pulumi.Input; /** * The connector-specific properties required when using SAPOData. See SAPOData Connector Profile Properties for more details. */ sapoData?: pulumi.Input; /** * The connector-specific properties required when using ServiceNow. See Generic Connector Profile Properties for more details. */ serviceNow?: pulumi.Input; /** * Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details. */ singular?: pulumi.Input; /** * Connector-specific properties required when using Slack. See Generic Connector Profile Properties for more details. */ slack?: pulumi.Input; /** * The connector-specific properties required when using Snowflake. See Snowflake Connector Profile Properties for more details. */ snowflake?: pulumi.Input; /** * The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details. */ trendmicro?: pulumi.Input; /** * Connector-specific properties required when using Veeva. See Generic Connector Profile Properties for more details. */ veeva?: pulumi.Input; /** * Connector-specific properties required when using Zendesk. See Generic Connector Profile Properties for more details. */ zendesk?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector { /** * The OAuth 2.0 properties required for OAuth 2.0 authentication. */ oauth2Properties?: pulumi.Input; /** * A map of properties that are required to create a profile for the custom connector. */ profileProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties { /** * The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication. One of: `AUTHORIZATION_CODE`, `CLIENT_CREDENTIALS`. */ oauth2GrantType: pulumi.Input; /** * The token URL required for OAuth 2.0 authentication. */ tokenUrl: pulumi.Input; /** * Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request. */ tokenUrlCustomProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift { /** * A name for the associated Amazon S3 bucket. */ bucketName: pulumi.Input; /** * The object key for the destination bucket in which Amazon AppFlow places the files. */ bucketPrefix?: pulumi.Input; /** * The unique ID that's assigned to an Amazon Redshift cluster. */ clusterIdentifier?: pulumi.Input; /** * ARN of the IAM role that permits AppFlow to access the database through Data API. */ dataApiRoleArn?: pulumi.Input; /** * The name of an Amazon Redshift database. */ databaseName?: pulumi.Input; /** * The JDBC URL of the Amazon Redshift cluster. */ databaseUrl?: pulumi.Input; /** * ARN of the IAM role. */ roleArn: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce { /** * The location of the Datadog resource. */ instanceUrl?: pulumi.Input; /** * Indicates whether the connector profile applies to a sandbox or production environment. */ isSandboxEnvironment?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData { /** * The location of the SAPOData resource. */ applicationHostUrl: pulumi.Input; /** * The application path to catalog service. */ applicationServicePath: pulumi.Input; /** * The client number for the client creating the connection. */ clientNumber: pulumi.Input; /** * The logon language of SAPOData instance. */ logonLanguage?: pulumi.Input; /** * The SAPOData OAuth properties required for OAuth type authentication. */ oauthProperties?: pulumi.Input; /** * The port number of the SAPOData instance. */ portNumber: pulumi.Input; /** * The SAPOData Private Link service name to be used for private data transfers. */ privateLinkServiceName?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties { /** * The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication. */ authCodeUrl: pulumi.Input; /** * The OAuth scopes required for OAuth type authentication. */ oauthScopes: pulumi.Input[]>; /** * The token URL required for OAuth 2.0 authentication. */ tokenUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake { /** * The name of the account. */ accountName?: pulumi.Input; /** * A name for the associated Amazon S3 bucket. */ bucketName: pulumi.Input; /** * The object key for the destination bucket in which Amazon AppFlow places the files. */ bucketPrefix?: pulumi.Input; /** * The SAPOData Private Link service name to be used for private data transfers. */ privateLinkServiceName?: pulumi.Input; /** * AWS Region of the Snowflake account. */ region?: pulumi.Input; /** * Name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: `..`. */ stage: pulumi.Input; /** * The name of the Snowflake warehouse. */ warehouse: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk { /** * The location of the Datadog resource. */ instanceUrl: pulumi.Input; } export interface FlowDestinationFlowConfig { /** * API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of the connector profile. This name must be unique for each connector profile in the AWS account. */ connectorProfileName?: pulumi.Input; /** * Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`. */ connectorType: pulumi.Input; /** * This stores the information that is required to query a particular connector. See Destination Connector Properties for more information. */ destinationConnectorProperties: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorProperties { /** * Properties that are required to query the custom Connector. See Custom Connector Destination Properties for more details. */ customConnector?: pulumi.Input; /** * Properties that are required to query Amazon Connect Customer Profiles. See Customer Profiles Destination Properties for more details. */ customerProfiles?: pulumi.Input; /** * Properties that are required to query Amazon EventBridge. See Generic Destination Properties for more details. */ eventBridge?: pulumi.Input; /** * Properties that are required to query Amazon Honeycode. See Generic Destination Properties for more details. */ honeycode?: pulumi.Input; lookoutMetrics?: pulumi.Input; /** * Properties that are required to query Marketo. See Generic Destination Properties for more details. */ marketo?: pulumi.Input; /** * Properties that are required to query Amazon Redshift. See Redshift Destination Properties for more details. */ redshift?: pulumi.Input; /** * Properties that are required to query Amazon S3. See S3 Destination Properties for more details. */ s3?: pulumi.Input; /** * Properties that are required to query Salesforce. See Salesforce Destination Properties for more details. */ salesforce?: pulumi.Input; /** * Properties that are required to query SAPOData. See SAPOData Destination Properties for more details. */ sapoData?: pulumi.Input; /** * Properties that are required to query Snowflake. See Snowflake Destination Properties for more details. */ snowflake?: pulumi.Input; /** * Properties that are required to query Upsolver. See Upsolver Destination Properties for more details. */ upsolver?: pulumi.Input; /** * Properties that are required to query Zendesk. See Zendesk Destination Properties for more details. */ zendesk?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector { /** * Custom properties that are specific to the connector when it's used as a destination in the flow. Maximum of 50 items. */ customProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Entity specified in the custom connector as a destination in the flow. */ entityName: pulumi.Input; /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert. */ idFieldNames?: pulumi.Input[]>; /** * Type of write operation to be performed in the custom connector when it's used as destination. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. */ writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles { /** * Unique name of the Amazon Connect Customer Profiles domain. */ domainName: pulumi.Input; /** * Object specified in the Amazon Connect Customer Profiles flow destination. */ objectTypeName?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics { } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift { /** * Object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift. */ intermediateBucketName: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3 { /** * Amazon S3 bucket name in which Amazon AppFlow places the transferred data. */ bucketName: pulumi.Input; /** * Object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * Configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination. See S3 Output Format Config for more details. */ s3OutputFormatConfig?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig { /** * Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details. */ aggregationConfig?: pulumi.Input; /** * File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. */ fileType?: pulumi.Input; /** * Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details. */ prefixConfig?: pulumi.Input; /** * Whether the data types from the source system need to be preserved (Only valid for `Parquet` file type) */ preserveSourceDataTyping?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig { /** * Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. */ aggregationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig { /** * Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. */ prefixFormat?: pulumi.Input; /** * Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. */ prefixType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert. */ idFieldNames?: pulumi.Input[]>; /** * Object specified in the flow destination. */ object: pulumi.Input; /** * Type of write operation to be performed in the custom connector when it's used as destination. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. */ writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert. */ idFieldNames?: pulumi.Input[]>; /** * Object path specified in the SAPOData flow destination. */ objectPath: pulumi.Input; /** * Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. See Success Response Handling Config for more details. */ successResponseHandlingConfig?: pulumi.Input; /** * Type of write operation to be performed in the custom connector when it's used as destination. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. */ writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake { /** * Object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift. */ intermediateBucketName: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver { /** * Amazon S3 bucket name in which Amazon AppFlow places the transferred data. */ bucketName: pulumi.Input; /** * Object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * Configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination. See S3 Output Format Config for more details. */ s3OutputFormatConfig: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig { /** * Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details. */ aggregationConfig?: pulumi.Input; /** * File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. */ fileType?: pulumi.Input; /** * Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details. */ prefixConfig: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig { /** * Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. */ aggregationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig { /** * Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. */ prefixFormat?: pulumi.Input; /** * Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. */ prefixType: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk { /** * Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See Error Handling Config for more details. */ errorHandlingConfig?: pulumi.Input; /** * Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert. */ idFieldNames?: pulumi.Input[]>; /** * Object specified in the flow destination. */ object: pulumi.Input; /** * Type of write operation to be performed in the custom connector when it's used as destination. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. */ writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowSourceFlowConfig { /** * API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of the connector profile. This name must be unique for each connector profile in the AWS account. */ connectorProfileName?: pulumi.Input; /** * Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`. */ connectorType: pulumi.Input; /** * Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. See Incremental Pull Config for more details. */ incrementalPullConfig?: pulumi.Input; /** * Information that is required to query a particular source connector. See Source Connector Properties for details. */ sourceConnectorProperties: pulumi.Input; } export interface FlowSourceFlowConfigIncrementalPullConfig { /** * Field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. */ datetimeTypeFieldName?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorProperties { /** * Information that is required for querying Amplitude. See Generic Source Properties for more details. */ amplitude?: pulumi.Input; /** * Properties that are applied when the custom connector is being used as a source. See Custom Connector Source Properties. */ customConnector?: pulumi.Input; /** * Information that is required for querying Datadog. See Generic Source Properties for more details. */ datadog?: pulumi.Input; /** * Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ dynatrace?: pulumi.Input; /** * Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`. */ googleAnalytics?: pulumi.Input; /** * Information that is required for querying Infor Nexus. See Generic Source Properties for more details. */ inforNexus?: pulumi.Input; /** * Information that is required for querying Marketo. See Generic Source Properties for more details. */ marketo?: pulumi.Input; /** * Information that is required for querying Amazon S3. See S3 Source Properties for more details. */ s3?: pulumi.Input; /** * Information that is required for querying Salesforce. See Salesforce Source Properties for more details. */ salesforce?: pulumi.Input; /** * Information that is required for querying SAPOData as a flow source. See SAPO Source Properties for more details. */ sapoData?: pulumi.Input; /** * Information that is required for querying ServiceNow. See Generic Source Properties for more details. */ serviceNow?: pulumi.Input; /** * Information that is required for querying Singular. See Generic Source Properties for more details. */ singular?: pulumi.Input; /** * Information that is required for querying Slack. See Generic Source Properties for more details. */ slack?: pulumi.Input; /** * Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ trendmicro?: pulumi.Input; /** * Information that is required for querying Veeva. See Veeva Source Properties for more details. */ veeva?: pulumi.Input; /** * Information that is required for querying Zendesk. See Generic Source Properties for more details. */ zendesk?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesAmplitude { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector { /** * Custom properties that are specific to the connector when it's used as a destination in the flow. Maximum of 50 items. */ customProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Entity specified in the custom connector as a destination in the flow. */ entityName: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesDatadog { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesDynatrace { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesInforNexus { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesMarketo { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesS3 { /** * Amazon S3 bucket name in which Amazon AppFlow places the transferred data. */ bucketName: pulumi.Input; /** * Object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * When you use Amazon S3 as the source, the configuration format that you provide the flow input data. See S3 Input Format Config for details. */ s3InputFormatConfig?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig { /** * File type that Amazon AppFlow gets from your Amazon S3 bucket. Valid values are `CSV` and `JSON`. */ s3InputFileType?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSalesforce { /** * Flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow. */ enableDynamicFieldUpdate?: pulumi.Input; /** * Whether Amazon AppFlow includes deleted files in the flow run. */ includeDeletedRecords?: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSapoData { /** * Object path specified in the SAPOData flow destination. */ objectPath: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesServiceNow { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSingular { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSlack { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesVeeva { /** * Document type specified in the Veeva document extract flow. */ documentType?: pulumi.Input; /** * Boolean value to include All Versions of files in Veeva document extract flow. */ includeAllVersions?: pulumi.Input; /** * Boolean value to include file renditions in Veeva document extract flow. */ includeRenditions?: pulumi.Input; /** * Boolean value to include source files in Veeva document extract flow. */ includeSourceFiles?: pulumi.Input; /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesZendesk { /** * Object specified in the flow destination. */ object: pulumi.Input; } export interface FlowTask { /** * Operation to be performed on the provided source fields. See Connector Operator for details. */ connectorOperators?: pulumi.Input[]>; /** * Field in a destination connector, or a field value against which Amazon AppFlow validates a source field. */ destinationField?: pulumi.Input; /** * Source fields to which a particular task is applied. */ sourceFields: pulumi.Input[]>; /** * Map used to store task-related information. The execution service looks for particular information based on the `TaskType`. Valid keys are `VALUE`, `VALUES`, `DATA_TYPE`, `UPPER_BOUND`, `LOWER_BOUND`, `SOURCE_DATA_TYPE`, `DESTINATION_DATA_TYPE`, `VALIDATION_ACTION`, `MASK_VALUE`, `MASK_LENGTH`, `TRUNCATE_LENGTH`, `MATH_OPERATION_FIELDS_ORDER`, `CONCAT_FORMAT`, `SUBFIELD_CATEGORY_MAP`, and `EXCLUDE_SOURCE_FIELDS_LIST`. */ taskProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Particular task implementation that Amazon AppFlow performs. Valid values are `Arithmetic`, `Filter`, `Map`, `Map_all`, `Mask`, `Merge`, `Passthrough`, `Truncate`, and `Validate`. */ taskType: pulumi.Input; } export interface FlowTaskConnectorOperator { /** * Operation to be performed on the provided Amplitude source fields. The only valid value is `BETWEEN`. */ amplitude?: pulumi.Input; /** * Operators supported by the custom connector. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ customConnector?: pulumi.Input; /** * Operation to be performed on the provided Datadog source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ datadog?: pulumi.Input; /** * Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ dynatrace?: pulumi.Input; /** * Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`. */ googleAnalytics?: pulumi.Input; /** * Operation to be performed on the provided Infor Nexus source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ inforNexus?: pulumi.Input; /** * Operation to be performed on the provided Marketo source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ marketo?: pulumi.Input; /** * Operation to be performed on the provided Amazon S3 source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ s3?: pulumi.Input; /** * Operation to be performed on the provided Salesforce source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ salesforce?: pulumi.Input; /** * Operation to be performed on the provided SAPOData source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ sapoData?: pulumi.Input; /** * Operation to be performed on the provided ServiceNow source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ serviceNow?: pulumi.Input; /** * Operation to be performed on the provided Singular source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ singular?: pulumi.Input; /** * Operation to be performed on the provided Slack source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ slack?: pulumi.Input; /** * Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ trendmicro?: pulumi.Input; /** * Operation to be performed on the provided Veeva source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ veeva?: pulumi.Input; /** * Operation to be performed on the provided Zendesk source fields. Valid values are `PROJECTION`, `GREATER_THAN`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ zendesk?: pulumi.Input; } export interface FlowTriggerConfig { /** * Configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type. See Scheduled Trigger Properties for details. */ triggerProperties?: pulumi.Input; /** * Type of flow trigger. Valid values are `Scheduled`, `Event`, and `OnDemand`. */ triggerType: pulumi.Input; } export interface FlowTriggerConfigTriggerProperties { scheduled?: pulumi.Input; } export interface FlowTriggerConfigTriggerPropertiesScheduled { /** * Whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. Valid values are `Incremental` and `Complete`. */ dataPullMode?: pulumi.Input; /** * Date range for the records to import from the connector in the first flow run. Must be a valid RFC3339 timestamp. */ firstExecutionFrom?: pulumi.Input; /** * Scheduled end time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. */ scheduleEndTime?: pulumi.Input; /** * Scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)`. */ scheduleExpression: pulumi.Input; /** * Optional offset that is added to the time interval for a schedule-triggered flow. Maximum value of 36000. */ scheduleOffset?: pulumi.Input; /** * Scheduled start time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. */ scheduleStartTime?: pulumi.Input; /** * Time zone used when referring to the date and time of a scheduled-triggered flow, such as `America/New_York`. */ timezone?: pulumi.Input; } } export namespace appintegrations { export interface DataIntegrationScheduleConfig { /** * The start date for objects to import in the first flow run as an Unix/epoch timestamp in milliseconds or in ISO-8601 format. This needs to be a time in the past, meaning that the data created or updated before this given date will not be downloaded. */ firstExecutionFrom: pulumi.Input; /** * The name of the object to pull from the data source. Examples of objects in Salesforce include `Case`, `Account`, or `Lead`. */ object: pulumi.Input; /** * How often the data should be pulled from data source. Examples include `rate(1 hour)`, `rate(3 hours)`, `rate(1 day)`. */ scheduleExpression: pulumi.Input; } } export namespace appmesh { export interface GatewayRouteSpec { /** * Specification of a gRPC gateway route. */ grpcRoute?: pulumi.Input; /** * Specification of an HTTP/2 gateway route. */ http2Route?: pulumi.Input; /** * Specification of an HTTP gateway route. */ httpRoute?: pulumi.Input; /** * Priority for the gateway route, between `0` and `1000`. */ priority?: pulumi.Input; } export interface GatewayRouteSpecGrpcRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteAction { /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteMatch { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Fully qualified domain name for the service to match from the request. */ serviceName: pulumi.Input; } export interface GatewayRouteSpecHttp2Route { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteAction { /** * Gateway route action to rewrite. */ rewrite?: pulumi.Input; /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewrite { /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewriteHostname { /** * Default target host name to write to. Valid values: `ENABLED`, `DISABLED`. */ defaultTargetHostname: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewritePath { /** * The exact path to match on. */ exact: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewritePrefix { /** * Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`. */ defaultPrefix?: pulumi.Input; /** * Value used to replace the incoming route prefix when rewritten. */ value?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; } export interface GatewayRouteSpecHttp2RouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHeaderMatch { /** * Value used to replace matched path. */ exact?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHostname { /** * Exact host name to match on. */ exact?: pulumi.Input; /** * Specified ending characters of the host name to match on. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchQueryParameterMatch { /** * Value used to replace matched path. */ exact?: pulumi.Input; } export interface GatewayRouteSpecHttpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecHttpRouteAction { /** * Gateway route action to rewrite. */ rewrite?: pulumi.Input; /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewrite { /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewriteHostname { /** * Default target host name to write to. Valid values: `ENABLED`, `DISABLED`. */ defaultTargetHostname: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewritePath { /** * The exact path to match on. */ exact: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewritePrefix { /** * Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`. */ defaultPrefix?: pulumi.Input; /** * Value used to replace the incoming route prefix when rewritten. */ value?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; } export interface GatewayRouteSpecHttpRouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHeaderMatch { /** * Value used to replace matched path. */ exact?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHostname { /** * Exact host name to match on. */ exact?: pulumi.Input; /** * Specified ending characters of the host name to match on. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchQueryParameterMatch { /** * Value used to replace matched path. */ exact?: pulumi.Input; } export interface MeshSpec { /** * Egress filter rules for the service mesh. */ egressFilter?: pulumi.Input; } export interface MeshSpecEgressFilter { /** * Egress filter type. By default, the type is `DROP_ALL`. * Valid values are `ALLOW_ALL` and `DROP_ALL`. */ type?: pulumi.Input; } export interface RouteSpec { /** * GRPC routing information for the route. */ grpcRoute?: pulumi.Input; /** * HTTP/2 routing information for the route. */ http2Route?: pulumi.Input; /** * HTTP routing information for the route. */ httpRoute?: pulumi.Input; /** * Priority for the route, between `0` and `1000`. * Routes are matched based on the specified value, where `0` is the highest priority. */ priority?: pulumi.Input; /** * TCP routing information for the route. */ tcpRoute?: pulumi.Input; } export interface RouteSpecGrpcRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an gRPC request match. */ match?: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecGrpcRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecGrpcRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecGrpcRouteMatch { /** * Data to match from the gRPC request. */ metadatas?: pulumi.Input[]>; /** * Method name to match from the request. If you specify a name, you must also specify a `serviceName`. */ methodName?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Fully qualified domain name for the service to match from the request. */ serviceName?: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadata { /** * If `true`, the match is on the opposite of the `match` criteria. Default is `false`. */ invert?: pulumi.Input; /** * Data to match from the request. */ match?: pulumi.Input; /** * Name of the route. Must be between 1 and 50 characters in length. */ name: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadataMatch { /** * The exact path to match on. */ exact?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the value sent by the client must be included in. */ range?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; /** * Value sent by the client must end with the specified characters. Must be between 1 and 255 characters in length. */ suffix?: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadataMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecGrpcRouteRetryPolicy { /** * List of gRPC retry events. * Valid values: `cancelled`, `deadline-exceeded`, `internal`, `resource-exhausted`, `unavailable`. */ grpcRetryEvents?: pulumi.Input[]>; /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. * * * You must specify at least one value for `httpRetryEvents`, or at least one value for `tcpRetryEvents`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecGrpcRouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecGrpcRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecGrpcRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecGrpcRouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttp2Route { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an gRPC request match. */ match: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecHttp2RouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecHttp2RouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecHttp2RouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. */ method?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; /** * Client request header scheme to match on. Valid values: `http`, `https`. */ scheme?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeaderMatch { /** * The exact path to match on. */ exact?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the value sent by the client must be included in. */ range?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; /** * Value sent by the client must end with the specified characters. Must be between 1 and 255 characters in length. */ suffix?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecHttp2RouteMatchPath { /** * Value sent by the client must match the specified value exactly. Must be between 1 and 255 characters in length. */ exact?: pulumi.Input; /** * Value sent by the client must include the specified characters. Must be between 1 and 255 characters in length. */ regex?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchQueryParameter { /** * Criteria for determining an gRPC request match. */ match?: pulumi.Input; /** * Name to use for the route. Must be between 1 and 255 characters in length. */ name: pulumi.Input; } export interface RouteSpecHttp2RouteMatchQueryParameterMatch { /** * The exact path to match on. */ exact?: pulumi.Input; } export interface RouteSpecHttp2RouteRetryPolicy { /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. * * * You must specify at least one value for `httpRetryEvents`, or at least one value for `tcpRetryEvents`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecHttp2RouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecHttp2RouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecHttp2RouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttp2RouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an HTTP request match. */ match: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecHttpRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecHttpRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecHttpRouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. */ method?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; /** * Client request header scheme to match on. Valid values: `http`, `https`. */ scheme?: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeaderMatch { /** * The exact path to match on. */ exact?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the value sent by the client must be included in. */ range?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; /** * Value sent by the client must end with the specified characters. Must be between 1 and 255 characters in length. */ suffix?: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecHttpRouteMatchPath { /** * Value sent by the client must match the specified value exactly. Must be between 1 and 255 characters in length. */ exact?: pulumi.Input; /** * Value sent by the client must include the specified characters. Must be between 1 and 255 characters in length. */ regex?: pulumi.Input; } export interface RouteSpecHttpRouteMatchQueryParameter { /** * Criteria for determining an gRPC request match. */ match?: pulumi.Input; /** * Name to use for the route. Must be between 1 and 255 characters in length. */ name: pulumi.Input; } export interface RouteSpecHttpRouteMatchQueryParameterMatch { /** * The exact path to match on. */ exact?: pulumi.Input; } export interface RouteSpecHttpRouteRetryPolicy { /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. * * * You must specify at least one value for `httpRetryEvents`, or at least one value for `tcpRetryEvents`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecHttpRouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecHttpRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecHttpRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttpRouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecTcpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an gRPC request match. */ match?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecTcpRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecTcpRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecTcpRouteMatch { /** * The port number to match from the request. */ port?: pulumi.Input; } export interface RouteSpecTcpRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; } export interface RouteSpecTcpRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualGatewaySpec { /** * Defaults for backends. */ backendDefaults?: pulumi.Input; /** * Listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener. */ listeners: pulumi.Input[]>; /** * Inbound and outbound access logging information for the virtual gateway. */ logging?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaults { /** * Default client policy for virtual gateway backends. */ clientPolicy?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation { /** * SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecListener { /** * Connection pool information for the listener. */ connectionPool?: pulumi.Input; /** * Health check information for the listener. */ healthCheck?: pulumi.Input; /** * Port mapping information for the listener. */ portMapping: pulumi.Input; /** * Transport Layer Security (TLS) properties for the listener */ tls?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPool { /** * Connection pool information for gRPC listeners. */ grpc?: pulumi.Input; /** * Connection pool information for HTTP listeners. */ http?: pulumi.Input; /** * Connection pool information for HTTP2 listeners. */ http2?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolGrpc { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolHttp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; /** * Number of overflowing requests after `maxConnections` Envoy will queue to upstream cluster. Minimum value of `1`. * * The `http2` connection pool object supports the following: */ maxPendingRequests?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolHttp2 { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualGatewaySpecListenerHealthCheck { /** * Number of consecutive successful health checks that must occur before declaring listener healthy. */ healthyThreshold: pulumi.Input; /** * Time period in milliseconds between each health check execution. */ intervalMillis: pulumi.Input; /** * Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`. */ path?: pulumi.Input; /** * Destination port for the health check request. This port must match the port defined in the `portMapping` for the listener. */ port?: pulumi.Input; /** * Protocol for the health check request. Valid values are `http`, `http2`, and `grpc`. */ protocol: pulumi.Input; /** * Amount of time to wait when receiving a response from the health check, in milliseconds. */ timeoutMillis: pulumi.Input; /** * Number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy. */ unhealthyThreshold: pulumi.Input; } export interface VirtualGatewaySpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualGatewaySpecListenerTls { /** * Listener's TLS certificate. */ certificate: pulumi.Input; /** * Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`. */ mode: pulumi.Input; /** * Listener's Transport Layer Security (TLS) validation context. */ validation?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificate { /** * An AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateAcm { /** * ARN for the certificate. */ certificateArn: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidation { /** * SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualGatewaySpecListenerTlsValidationTrust { /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationTrustSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecLogging { /** * Access log configuration for a virtual gateway. */ accessLog?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLog { /** * File object to send virtual gateway access logs to. */ file?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFile { /** * The specified format for the logs. */ format?: pulumi.Input; /** * File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length. */ path: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFileFormat { /** * The logging format for JSON. */ jsons?: pulumi.Input[]>; /** * The logging format for text. Must be between 1 and 1000 characters in length. */ text?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFileFormatJson { /** * The specified key for the JSON. Must be between 1 and 100 characters in length. */ key: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpec { /** * Defaults for backends. */ backendDefaults?: pulumi.Input; /** * Backends to which the virtual node is expected to send outbound traffic. */ backends?: pulumi.Input[]>; /** * Listeners from which the virtual node is expected to receive inbound traffic. */ listeners?: pulumi.Input[]>; /** * Inbound and outbound access logging information for the virtual node. */ logging?: pulumi.Input; /** * Service discovery information for the virtual node. */ serviceDiscovery?: pulumi.Input; } export interface VirtualNodeSpecBackend { /** * Virtual service to use as a backend for a virtual node. */ virtualService: pulumi.Input; } export interface VirtualNodeSpecBackendDefaults { /** * Default client policy for virtual service backends. See above for details. */ clientPolicy?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualService { /** * Client policy for the backend. */ clientPolicy?: pulumi.Input; /** * Name of the virtual service that is acting as a virtual node backend. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecListener { /** * Connection pool information for the listener. */ connectionPool?: pulumi.Input; /** * Health check information for the listener. */ healthCheck?: pulumi.Input; /** * Outlier detection information for the listener. */ outlierDetection?: pulumi.Input; /** * Port mapping information for the listener. */ portMapping: pulumi.Input; /** * Timeouts for different protocols. */ timeout?: pulumi.Input; /** * Transport Layer Security (TLS) properties for the listener */ tls?: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPool { /** * Connection pool information for gRPC listeners. */ grpc?: pulumi.Input; /** * Connection pool information for HTTP2 listeners. */ http2s?: pulumi.Input[]>; /** * Connection pool information for HTTP listeners. */ https?: pulumi.Input[]>; /** * Connection pool information for TCP listeners. */ tcps?: pulumi.Input[]>; } export interface VirtualNodeSpecListenerConnectionPoolGrpc { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolHttp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; /** * Number of overflowing requests after `maxConnections` Envoy will queue to upstream cluster. Minimum value of `1`. * * The `http2` connection pool object supports the following: */ maxPendingRequests?: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolHttp2 { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolTcp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; } export interface VirtualNodeSpecListenerHealthCheck { /** * Number of consecutive successful health checks that must occur before declaring listener healthy. */ healthyThreshold: pulumi.Input; /** * Time period in milliseconds between each health check execution. */ intervalMillis: pulumi.Input; /** * Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`. */ path?: pulumi.Input; /** * Destination port for the health check request. This port must match the port defined in the `portMapping` for the listener. */ port?: pulumi.Input; /** * Protocol for the health check request. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; /** * Amount of time to wait when receiving a response from the health check, in milliseconds. */ timeoutMillis: pulumi.Input; /** * Number of consecutive failed health checks that must occur before declaring a virtual node unhealthy. */ unhealthyThreshold: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetection { /** * Base amount of time for which a host is ejected. */ baseEjectionDuration: pulumi.Input; /** * Time interval between ejection sweep analysis. */ interval: pulumi.Input; /** * Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value. * Minimum value of `0`. Maximum value of `100`. */ maxEjectionPercent: pulumi.Input; /** * Number of consecutive `5xx` errors required for ejection. Minimum value of `1`. */ maxServerErrors: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetectionInterval { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualNodeSpecListenerTimeout { /** * Timeouts for gRPC listeners. */ grpc?: pulumi.Input; /** * Timeouts for HTTP listeners. */ http?: pulumi.Input; /** * Timeouts for HTTP2 listeners. */ http2?: pulumi.Input; /** * Timeouts for TCP listeners. */ tcp?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpc { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpcIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpcPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2 { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2Idle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2PerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttpIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttpPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutTcp { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutTcpIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTls { /** * Listener's TLS certificate. */ certificate: pulumi.Input; /** * Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`. */ mode: pulumi.Input; /** * Listener's Transport Layer Security (TLS) validation context. */ validation?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificate { /** * An AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateAcm { /** * ARN for the certificate. */ certificateArn: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecListenerTlsValidationTrust { /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecLogging { /** * Access log configuration for a virtual node. */ accessLog?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLog { /** * File object to send virtual node access logs to. */ file?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFile { /** * The specified format for the logs. */ format?: pulumi.Input; /** * File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length. */ path: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFileFormat { /** * The logging format for JSON. */ jsons?: pulumi.Input[]>; /** * The logging format for text. Must be between 1 and 1000 characters in length. */ text?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFileFormatJson { /** * The specified key for the JSON. Must be between 1 and 100 characters in length. */ key: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecServiceDiscovery { /** * Any AWS Cloud Map information for the virtual node. */ awsCloudMap?: pulumi.Input; /** * DNS service name for the virtual node. */ dns?: pulumi.Input; } export interface VirtualNodeSpecServiceDiscoveryAwsCloudMap { /** * String map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned. */ attributes?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the AWS Cloud Map namespace to use. * Use the `aws.servicediscovery.HttpNamespace` resource to configure a Cloud Map namespace. Must be between 1 and 1024 characters in length. */ namespaceName: pulumi.Input; /** * Name of the AWS Cloud Map service to use. Use the `aws.servicediscovery.Service` resource to configure a Cloud Map service. Must be between 1 and 1024 characters in length. */ serviceName: pulumi.Input; } export interface VirtualNodeSpecServiceDiscoveryDns { /** * DNS host name for your virtual node. */ hostname: pulumi.Input; /** * The preferred IP version that this virtual node uses. Valid values: `IPv6_PREFERRED`, `IPv4_PREFERRED`, `IPv4_ONLY`, `IPv6_ONLY`. */ ipPreference?: pulumi.Input; /** * The DNS response type for the virtual node. Valid values: `LOADBALANCER`, `ENDPOINTS`. */ responseType?: pulumi.Input; } export interface VirtualRouterSpec { /** * Listeners that the virtual router is expected to receive inbound traffic from. * Currently only one listener is supported per virtual router. */ listeners?: pulumi.Input[]>; } export interface VirtualRouterSpecListener { /** * Port mapping information for the listener. */ portMapping: pulumi.Input; } export interface VirtualRouterSpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`,`http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualServiceSpec { /** * App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router. */ provider?: pulumi.Input; } export interface VirtualServiceSpecProvider { /** * Virtual node associated with a virtual service. */ virtualNode?: pulumi.Input; /** * Virtual router associated with a virtual service. */ virtualRouter?: pulumi.Input; } export interface VirtualServiceSpecProviderVirtualNode { /** * Name of the virtual node that is acting as a service provider. Must be between 1 and 255 characters in length. */ virtualNodeName: pulumi.Input; } export interface VirtualServiceSpecProviderVirtualRouter { /** * Name of the virtual router that is acting as a service provider. Must be between 1 and 255 characters in length. */ virtualRouterName: pulumi.Input; } } export namespace apprunner { export interface CustomDomainAssociationCertificateValidationRecord { /** * Certificate CNAME record name. */ name?: pulumi.Input; /** * Current state of the certificate CNAME record validation. It should change to `SUCCESS` after App Runner completes validation with your DNS. */ status?: pulumi.Input; /** * Record type, always `CNAME`. */ type?: pulumi.Input; /** * Certificate CNAME record value. */ value?: pulumi.Input; } export interface ObservabilityConfigurationTraceConfiguration { /** * Implementation provider chosen for tracing App Runner services. Valid values: `AWSXRAY`. */ vendor?: pulumi.Input; } export interface ServiceEncryptionConfiguration { /** * ARN of the KMS key used for encryption. */ kmsKey: pulumi.Input; } export interface ServiceHealthCheckConfiguration { /** * Number of consecutive checks that must succeed before App Runner decides that the service is healthy. Defaults to 1. Minimum value of 1. Maximum value of 20. */ healthyThreshold?: pulumi.Input; /** * Time interval, in seconds, between health checks. Defaults to 5. Minimum value of 1. Maximum value of 20. */ interval?: pulumi.Input; /** * URL to send requests to for health checks. Defaults to `/`. Minimum length of 0. Maximum length of 51200. */ path?: pulumi.Input; /** * IP protocol that App Runner uses to perform health checks for your service. Valid values: `TCP`, `HTTP`. Defaults to `TCP`. If you set protocol to `HTTP`, App Runner sends health check requests to the HTTP path specified by `path`. */ protocol?: pulumi.Input; /** * Time, in seconds, to wait for a health check response before deciding it failed. Defaults to 2. Minimum value of 1. Maximum value of 20. */ timeout?: pulumi.Input; /** * Number of consecutive checks that must fail before App Runner decides that the service is unhealthy. Defaults to 5. Minimum value of 1. Maximum value of 20. */ unhealthyThreshold?: pulumi.Input; } export interface ServiceInstanceConfiguration { /** * Number of CPU units reserved for each instance of your App Runner service represented as a String. Defaults to `1024`. Valid values: `256|512|1024|2048|4096|(0.25|0.5|1|2|4) vCPU`. */ cpu?: pulumi.Input; /** * ARN of an IAM role that provides permissions to your App Runner service. These are permissions that your code needs when it calls any AWS APIs. */ instanceRoleArn?: pulumi.Input; /** * Amount of memory, in MB or GB, reserved for each instance of your App Runner service. Defaults to `2048`. Valid values: `512|1024|2048|3072|4096|6144|8192|10240|12288|(0.5|1|2|3|4|6|8|10|12) GB`. */ memory?: pulumi.Input; } export interface ServiceNetworkConfiguration { /** * Network configuration settings for outbound message traffic. See Egress Configuration below for more details. */ egressConfiguration?: pulumi.Input; /** * Network configuration settings for inbound network traffic. See Ingress Configuration below for more details. */ ingressConfiguration?: pulumi.Input; } export interface ServiceNetworkConfigurationEgressConfiguration { /** * The type of egress configuration. Valid values are: `DEFAULT` and `VPC`. */ egressType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to associate with your App Runner service. Only valid when `EgressType = VPC`. */ vpcConnectorArn?: pulumi.Input; } export interface ServiceNetworkConfigurationIngressConfiguration { /** * Specifies whether your App Runner service is publicly accessible. To make the service publicly accessible set it to True. To make the service privately accessible, from only within an Amazon VPC set it to False. */ isPubliclyAccessible?: pulumi.Input; } export interface ServiceObservabilityConfiguration { /** * ARN of the observability configuration that is associated with the service. Specified only when `observabilityEnabled` is `true`. */ observabilityConfigurationArn?: pulumi.Input; /** * When `true`, an observability configuration resource is associated with the service. */ observabilityEnabled: pulumi.Input; } export interface ServiceSourceConfiguration { /** * Describes resources needed to authenticate access to some source repositories. See Authentication Configuration below for more details. */ authenticationConfiguration?: pulumi.Input; /** * Whether continuous integration from the source repository is enabled for the App Runner service. If set to `true`, each repository change (source code commit or new image version) starts a deployment. Defaults to `true`. */ autoDeploymentsEnabled?: pulumi.Input; /** * Description of a source code repository. See Code Repository below for more details. */ codeRepository?: pulumi.Input; /** * Description of a source image repository. See Image Repository below for more details. */ imageRepository?: pulumi.Input; } export interface ServiceSourceConfigurationAuthenticationConfiguration { /** * ARN of the IAM role that grants the App Runner service access to a source repository. Required for ECR image repositories (but not for ECR Public) */ accessRoleArn?: pulumi.Input; /** * ARN of the App Runner connection that enables the App Runner service to connect to a source repository. Required for GitHub code repositories. */ connectionArn?: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepository { /** * Configuration for building and running the service from a source code repository. See Code Configuration below for more details. */ codeConfiguration?: pulumi.Input; /** * Location of the repository that contains the source code. */ repositoryUrl: pulumi.Input; /** * Version that should be used within the source code repository. See Source Code Version below for more details. */ sourceCodeVersion: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositoryCodeConfiguration { /** * Basic configuration for building and running the App Runner service. Use this parameter to quickly launch an App Runner service without providing an apprunner.yaml file in the source code repository (or ignoring the file if it exists). See Code Configuration Values below for more details. */ codeConfigurationValues?: pulumi.Input; /** * Source of the App Runner configuration. Valid values: `REPOSITORY`, `API`. Values are interpreted as follows: */ configurationSource: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues { /** * Command App Runner runs to build your application. */ buildCommand?: pulumi.Input; /** * Port that your application listens to in the container. Defaults to `"8080"`. */ port?: pulumi.Input; /** * Runtime environment type for building and running an App Runner service. Represents a programming language runtime. Valid values: `PYTHON_3`, `NODEJS_12`, `NODEJS_14`, `NODEJS_16`, `CORRETTO_8`, `CORRETTO_11`, `GO_1`, `DOTNET_6`, `PHP_81`, `RUBY_31`. */ runtime: pulumi.Input; /** * Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store. */ runtimeEnvironmentSecrets?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid. */ runtimeEnvironmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Command App Runner runs to start your application. */ startCommand?: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositorySourceCodeVersion { /** * Type of version identifier. For a git-based repository, branches represent versions. Valid values: `BRANCH`. */ type: pulumi.Input; /** * Source code version. For a git-based repository, a branch name maps to a specific version. App Runner uses the most recent commit to the branch. */ value: pulumi.Input; } export interface ServiceSourceConfigurationImageRepository { /** * Configuration for running the identified image. See Image Configuration below for more details. */ imageConfiguration?: pulumi.Input; /** * Identifier of an image. For an image in Amazon Elastic Container Registry (Amazon ECR), this is an image name. For the * image name format, see Pulling an image in the Amazon ECR User Guide. */ imageIdentifier: pulumi.Input; /** * Type of the image repository. This reflects the repository provider and whether the repository is private or public. Valid values: `ECR` , `ECR_PUBLIC`. */ imageRepositoryType: pulumi.Input; } export interface ServiceSourceConfigurationImageRepositoryImageConfiguration { /** * Port that your application listens to in the container. Defaults to `"8080"`. */ port?: pulumi.Input; /** * Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store. */ runtimeEnvironmentSecrets?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid. */ runtimeEnvironmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Command App Runner runs to start the application in the source image. If specified, this command overrides the Docker image’s default start command. */ startCommand?: pulumi.Input; } export interface VpcIngressConnectionIngressVpcConfiguration { /** * The ID of the VPC endpoint that your App Runner service connects to. */ vpcEndpointId?: pulumi.Input; /** * The ID of the VPC that is used for the VPC endpoint. */ vpcId?: pulumi.Input; } } export namespace appstream { export interface DirectoryConfigServiceAccountCredentials { /** * User name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified. */ accountName: pulumi.Input; /** * Password for the account. */ accountPassword: pulumi.Input; } export interface FleetComputeCapacity { /** * Number of currently available instances that can be used to stream sessions. */ available?: pulumi.Input; /** * Desired number of streaming instances. */ desiredInstances: pulumi.Input; /** * Number of instances in use for streaming. */ inUse?: pulumi.Input; /** * Total number of simultaneous streaming instances that are running. */ running?: pulumi.Input; } export interface FleetDomainJoinInfo { /** * Fully qualified name of the directory (for example, corp.example.com). */ directoryName?: pulumi.Input; /** * Distinguished name of the organizational unit for computer accounts. */ organizationalUnitDistinguishedName?: pulumi.Input; } export interface FleetVpcConfig { /** * Identifiers of the security groups for the fleet or image builder. */ securityGroupIds?: pulumi.Input[]>; /** * Identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. */ subnetIds?: pulumi.Input[]>; } export interface ImageBuilderAccessEndpoint { /** * Type of interface endpoint. */ endpointType: pulumi.Input; /** * Identifier (ID) of the VPC in which the interface endpoint is used. */ vpceId?: pulumi.Input; } export interface ImageBuilderDomainJoinInfo { /** * Fully qualified name of the directory (for example, corp.example.com). */ directoryName?: pulumi.Input; /** * Distinguished name of the organizational unit for computer accounts. */ organizationalUnitDistinguishedName?: pulumi.Input; } export interface ImageBuilderVpcConfig { /** * Identifiers of the security groups for the image builder or image builder. */ securityGroupIds?: pulumi.Input[]>; /** * Identifiers of the subnets to which a network interface is attached from the image builder instance or image builder instance. */ subnetIds?: pulumi.Input[]>; } export interface StackAccessEndpoint { /** * Type of the interface endpoint. * See the [`AccessEndpoint` AWS API documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AccessEndpoint.html) for valid values. */ endpointType: pulumi.Input; /** * ID of the VPC in which the interface endpoint is used. */ vpceId?: pulumi.Input; } export interface StackApplicationSettings { /** * Whether application settings should be persisted. */ enabled: pulumi.Input; /** * Name of the settings group. * Required when `enabled` is `true`. * Can be up to 100 characters. */ settingsGroup?: pulumi.Input; } export interface StackStorageConnector { /** * Type of storage connector. * Valid values are `HOMEFOLDERS`, `GOOGLE_DRIVE`, or `ONE_DRIVE`. */ connectorType: pulumi.Input; /** * Names of the domains for the account. */ domains?: pulumi.Input[]>; /** * ARN of the storage connector. */ resourceIdentifier?: pulumi.Input; } export interface StackStreamingExperienceSettings { /** * The preferred protocol that you want to use while streaming your application. * Valid values are `TCP` and `UDP`. */ preferredProtocol?: pulumi.Input; } export interface StackUserSetting { /** * Action that is enabled or disabled. * Valid values are `CLIPBOARD_COPY_FROM_LOCAL_DEVICE`, `CLIPBOARD_COPY_TO_LOCAL_DEVICE`, `FILE_UPLOAD`, `FILE_DOWNLOAD`, `PRINTING_TO_LOCAL_DEVICE`, `DOMAIN_PASSWORD_SIGNIN`, or `DOMAIN_SMART_CARD_SIGNIN`. */ action: pulumi.Input; /** * Whether the action is enabled or disabled. * Valid values are `ENABLED` or `DISABLED`. */ permission: pulumi.Input; } } export namespace appsync { export interface DataSourceDynamodbConfig { /** * The DeltaSyncConfig for a versioned data source. See Delta Sync Config */ deltaSyncConfig?: pulumi.Input; /** * AWS region of the DynamoDB table. Defaults to current region. */ region?: pulumi.Input; /** * Name of the DynamoDB table. */ tableName: pulumi.Input; /** * Set to `true` to use Amazon Cognito credentials with this data source. */ useCallerCredentials?: pulumi.Input; /** * Detects Conflict Detection and Resolution with this data source. */ versioned?: pulumi.Input; } export interface DataSourceDynamodbConfigDeltaSyncConfig { /** * The number of minutes that an Item is stored in the data source. */ baseTableTtl?: pulumi.Input; /** * The table name. */ deltaSyncTableName: pulumi.Input; /** * The number of minutes that a Delta Sync log entry is stored in the Delta Sync table. */ deltaSyncTableTtl?: pulumi.Input; } export interface DataSourceElasticsearchConfig { /** * HTTP endpoint of the Elasticsearch domain. */ endpoint: pulumi.Input; /** * AWS region of Elasticsearch domain. Defaults to current region. */ region?: pulumi.Input; } export interface DataSourceEventBridgeConfig { /** * ARN for the EventBridge bus. */ eventBusArn: pulumi.Input; } export interface DataSourceHttpConfig { /** * Authorization configuration in case the HTTP endpoint requires authorization. See Authorization Config. */ authorizationConfig?: pulumi.Input; /** * HTTP URL. */ endpoint: pulumi.Input; } export interface DataSourceHttpConfigAuthorizationConfig { /** * Authorization type that the HTTP endpoint requires. Default values is `AWS_IAM`. */ authorizationType?: pulumi.Input; /** * Identity and Access Management (IAM) settings. See AWS IAM Config. */ awsIamConfig?: pulumi.Input; } export interface DataSourceHttpConfigAuthorizationConfigAwsIamConfig { /** * Signing Amazon Web Services Region for IAM authorization. */ signingRegion?: pulumi.Input; /** * Signing service name for IAM authorization. */ signingServiceName?: pulumi.Input; } export interface DataSourceLambdaConfig { /** * ARN for the Lambda function. */ functionArn: pulumi.Input; } export interface DataSourceOpensearchserviceConfig { /** * HTTP endpoint of the Elasticsearch domain. */ endpoint: pulumi.Input; /** * AWS region of the DynamoDB table. Defaults to current region. */ region?: pulumi.Input; } export interface DataSourceRelationalDatabaseConfig { /** * Amazon RDS HTTP endpoint configuration. See HTTP Endpoint Config. */ httpEndpointConfig?: pulumi.Input; /** * Source type for the relational database. Valid values: `RDS_HTTP_ENDPOINT`. */ sourceType?: pulumi.Input; } export interface DataSourceRelationalDatabaseConfigHttpEndpointConfig { /** * AWS secret store ARN for database credentials. */ awsSecretStoreArn: pulumi.Input; /** * Logical database name. */ databaseName?: pulumi.Input; /** * Amazon RDS cluster identifier. */ dbClusterIdentifier: pulumi.Input; /** * AWS Region for RDS HTTP endpoint. Defaults to current region. */ region?: pulumi.Input; /** * Logical schema name. */ schema?: pulumi.Input; } export interface FunctionRuntime { /** * The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`. */ name: pulumi.Input; /** * The version of the runtime to use. Currently, the only allowed version is `1.0.0`. */ runtimeVersion: pulumi.Input; } export interface FunctionSyncConfig { /** * Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`. */ conflictDetection?: pulumi.Input; /** * Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`. */ conflictHandler?: pulumi.Input; /** * Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See Lambda Conflict Handler Config. */ lambdaConflictHandlerConfig?: pulumi.Input; } export interface FunctionSyncConfigLambdaConflictHandlerConfig { /** * ARN for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProvider { /** * Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA` */ authenticationType: pulumi.Input; /** * Nested argument containing Lambda authorizer configuration. Defined below. */ lambdaAuthorizerConfig?: pulumi.Input; /** * Nested argument containing OpenID Connect configuration. Defined below. */ openidConnectConfig?: pulumi.Input; /** * Amazon Cognito User Pool configuration. Defined below. */ userPoolConfig?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig { /** * Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. */ authorizerResultTtlInSeconds?: pulumi.Input; /** * ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`. */ authorizerUri: pulumi.Input; /** * Regular expression for validation of tokens before the Lambda function is called. */ identityValidationExpression?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig { /** * Number of milliseconds a token is valid after being authenticated. */ authTtl?: pulumi.Input; /** * Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time. */ clientId?: pulumi.Input; /** * Number of milliseconds a token is valid after being issued to a user. */ iatTtl?: pulumi.Input; /** * Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token. */ issuer: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderUserPoolConfig { /** * Regular expression for validating the incoming Amazon Cognito User Pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * AWS region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * User pool ID. */ userPoolId: pulumi.Input; } export interface GraphQLApiLambdaAuthorizerConfig { /** * Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. */ authorizerResultTtlInSeconds?: pulumi.Input; /** * ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`. */ authorizerUri: pulumi.Input; /** * Regular expression for validation of tokens before the Lambda function is called. */ identityValidationExpression?: pulumi.Input; } export interface GraphQLApiLogConfig { /** * Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account. */ cloudwatchLogsRoleArn: pulumi.Input; /** * Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values: `true`, `false`. Default value: `false` */ excludeVerboseContent?: pulumi.Input; /** * Field logging level. Valid values: `ALL`, `ERROR`, `NONE`. */ fieldLogLevel: pulumi.Input; } export interface GraphQLApiOpenidConnectConfig { /** * Number of milliseconds a token is valid after being authenticated. */ authTtl?: pulumi.Input; /** * Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time. */ clientId?: pulumi.Input; /** * Number of milliseconds a token is valid after being issued to a user. */ iatTtl?: pulumi.Input; /** * Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token. */ issuer: pulumi.Input; } export interface GraphQLApiUserPoolConfig { /** * Regular expression for validating the incoming Amazon Cognito User Pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * AWS region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid: `ALLOW` and `DENY` */ defaultAction: pulumi.Input; /** * User pool ID. */ userPoolId: pulumi.Input; } export interface ResolverCachingConfig { /** * The caching keys for a resolver that has caching activated. Valid values are entries from the $context.arguments, $context.source, and $context.identity maps. */ cachingKeys?: pulumi.Input[]>; /** * The TTL in seconds for a resolver that has caching activated. Valid values are between `1` and `3600` seconds. */ ttl?: pulumi.Input; } export interface ResolverPipelineConfig { /** * A list of Function objects. */ functions?: pulumi.Input[]>; } export interface ResolverRuntime { /** * The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`. */ name: pulumi.Input; /** * The version of the runtime to use. Currently, the only allowed version is `1.0.0`. */ runtimeVersion: pulumi.Input; } export interface ResolverSyncConfig { /** * Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`. */ conflictDetection?: pulumi.Input; /** * Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`. */ conflictHandler?: pulumi.Input; /** * Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See Lambda Conflict Handler Config. */ lambdaConflictHandlerConfig?: pulumi.Input; } export interface ResolverSyncConfigLambdaConflictHandlerConfig { /** * ARN for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } } export namespace athena { export interface DatabaseAclConfiguration { /** * Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`. * * > **NOTE:** When Athena queries are executed, result files may be created in the specified bucket. Consider using `forceDestroy` on the bucket too in order to avoid any problems when destroying the bucket. */ s3AclOption: pulumi.Input; } export interface DatabaseEncryptionConfiguration { /** * Type of key; one of `SSE_S3`, `SSE_KMS`, `CSE_KMS` */ encryptionOption: pulumi.Input; /** * KMS key ARN or ID; required for key types `SSE_KMS` and `CSE_KMS`. */ kmsKey?: pulumi.Input; } export interface WorkgroupConfiguration { /** * Integer for the upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. Must be at least `10485760`. */ bytesScannedCutoffPerQuery?: pulumi.Input; /** * Boolean whether the settings for the workgroup override client-side settings. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html). Defaults to `true`. */ enforceWorkgroupConfiguration?: pulumi.Input; /** * Configuration block for the Athena Engine Versioning. For more information, see [Athena Engine Versioning](https://docs.aws.amazon.com/athena/latest/ug/engine-versions.html). See Engine Version below. */ engineVersion?: pulumi.Input; /** * Role used in a notebook session for accessing the user's resources. */ executionRole?: pulumi.Input; /** * Boolean whether Amazon CloudWatch metrics are enabled for the workgroup. Defaults to `true`. */ publishCloudwatchMetricsEnabled?: pulumi.Input; /** * If set to true , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to false , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is false . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the Amazon Simple Storage Service Developer Guide. */ requesterPaysEnabled?: pulumi.Input; /** * Configuration block with result settings. See Result Configuration below. */ resultConfiguration?: pulumi.Input; } export interface WorkgroupConfigurationEngineVersion { /** * The engine version on which the query runs. If `selectedEngineVersion` is set to `AUTO`, the effective engine version is chosen by Athena. */ effectiveEngineVersion?: pulumi.Input; /** * Requested engine version. Defaults to `AUTO`. */ selectedEngineVersion?: pulumi.Input; } export interface WorkgroupConfigurationResultConfiguration { /** * That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below. */ aclConfiguration?: pulumi.Input; /** * Configuration block with encryption settings. See Encryption Configuration below. */ encryptionConfiguration?: pulumi.Input; /** * AWS account ID that you expect to be the owner of the Amazon S3 bucket. */ expectedBucketOwner?: pulumi.Input; /** * Location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/`. For more information, see [Queries and Query Result Files](https://docs.aws.amazon.com/athena/latest/ug/querying.html). */ outputLocation?: pulumi.Input; } export interface WorkgroupConfigurationResultConfigurationAclConfiguration { /** * Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`. */ s3AclOption: pulumi.Input; } export interface WorkgroupConfigurationResultConfigurationEncryptionConfiguration { /** * Whether Amazon S3 server-side encryption with Amazon S3-managed keys (`SSE_S3`), server-side encryption with KMS-managed keys (`SSE_KMS`), or client-side encryption with KMS-managed keys (`CSE_KMS`) is used. If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup. */ encryptionOption?: pulumi.Input; /** * For `SSE_KMS` and `CSE_KMS`, this is the KMS key ARN. */ kmsKeyArn?: pulumi.Input; } } export namespace auditmanager { export interface AssessmentAssessmentReportsDestination { /** * Destination of the assessment report. This value be in the form `s3://{bucket_name}`. */ destination: pulumi.Input; /** * Destination type. Currently, `S3` is the only valid value. */ destinationType: pulumi.Input; } export interface AssessmentRole { /** * Amazon Resource Name (ARN) of the IAM role. */ roleArn: pulumi.Input; /** * Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`. */ roleType: pulumi.Input; } export interface AssessmentRolesAll { /** * Amazon Resource Name (ARN) of the IAM role. */ roleArn: pulumi.Input; /** * Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`. */ roleType: pulumi.Input; } export interface AssessmentScope { /** * Amazon Web Services accounts that are in scope for the assessment. See `awsAccounts` below. */ awsAccounts?: pulumi.Input[]>; /** * Amazon Web Services services that are included in the scope of the assessment. See `awsServices` below. */ awsServices?: pulumi.Input[]>; } export interface AssessmentScopeAwsAccount { /** * Identifier for the Amazon Web Services account. */ id: pulumi.Input; } export interface AssessmentScopeAwsService { /** * Name of the Amazon Web Service. */ serviceName: pulumi.Input; } export interface ControlControlMappingSource { /** * Description of the source. */ sourceDescription?: pulumi.Input; /** * Frequency of evidence collection. Valid values are `DAILY`, `WEEKLY`, or `MONTHLY`. */ sourceFrequency?: pulumi.Input; sourceId?: pulumi.Input; /** * The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names. See `sourceKeyword` below. */ sourceKeyword?: pulumi.Input; /** * Name of the source. */ sourceName: pulumi.Input; /** * The setup option for the data source. This option reflects if the evidence collection is automated or manual. Valid values are `System_Controls_Mapping` (automated) and `Procedural_Controls_Mapping` (manual). */ sourceSetUpOption: pulumi.Input; /** * Type of data source for evidence collection. If `sourceSetUpOption` is manual, the only valid value is `MANUAL`. If `sourceSetUpOption` is automated, valid values are `AWS_Cloudtrail`, `AWS_Config`, `AWS_Security_Hub`, or `AWS_API_Call`. * * The following arguments are optional: */ sourceType: pulumi.Input; /** * Instructions for troubleshooting the control. */ troubleshootingText?: pulumi.Input; } export interface ControlControlMappingSourceSourceKeyword { /** * Input method for the keyword. Valid values are `SELECT_FROM_LIST`. */ keywordInputType: pulumi.Input; /** * The value of the keyword that's used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call. See the [Audit Manager supported control data sources documentation](https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources.html) for more information. */ keywordValue: pulumi.Input; } export interface FrameworkControlSet { /** * List of controls within the control set. See `controls` below. */ controls?: pulumi.Input[]>; /** * Unique identifier of the control. */ id?: pulumi.Input; /** * Name of the control set. */ name: pulumi.Input; } export interface FrameworkControlSetControl { /** * Unique identifier of the control. */ id: pulumi.Input; } export interface GetControlControlMappingSource { sourceDescription?: string; sourceFrequency?: string; sourceId?: string; sourceKeyword?: inputs.auditmanager.GetControlControlMappingSourceSourceKeyword; sourceName?: string; sourceSetUpOption?: string; sourceType?: string; troubleshootingText?: string; } export interface GetControlControlMappingSourceArgs { sourceDescription?: pulumi.Input; sourceFrequency?: pulumi.Input; sourceId?: pulumi.Input; sourceKeyword?: pulumi.Input; sourceName?: pulumi.Input; sourceSetUpOption?: pulumi.Input; sourceType?: pulumi.Input; troubleshootingText?: pulumi.Input; } export interface GetControlControlMappingSourceSourceKeyword { keywordInputType?: string; keywordValue?: string; } export interface GetControlControlMappingSourceSourceKeywordArgs { keywordInputType?: pulumi.Input; keywordValue?: pulumi.Input; } export interface GetFrameworkControlSet { controls?: inputs.auditmanager.GetFrameworkControlSetControl[]; id?: string; /** * Name of the framework. */ name?: string; } export interface GetFrameworkControlSetArgs { controls?: pulumi.Input[]>; id?: pulumi.Input; /** * Name of the framework. */ name?: pulumi.Input; } export interface GetFrameworkControlSetControl { id?: string; } export interface GetFrameworkControlSetControlArgs { id?: pulumi.Input; } } export namespace autoscaling { export interface GetAmiIdsFilter { /** * Name of the DescribeAutoScalingGroup filter. The recommended values are: `tag-key`, `tag-value`, and `tag:` */ name: string; /** * Value of the filter. */ values: string[]; } export interface GetAmiIdsFilterArgs { /** * Name of the DescribeAutoScalingGroup filter. The recommended values are: `tag-key`, `tag-value`, and `tag:` */ name: pulumi.Input; /** * Value of the filter. */ values: pulumi.Input[]>; } export interface GroupInitialLifecycleHook { defaultResult?: pulumi.Input; heartbeatTimeout?: pulumi.Input; lifecycleTransition: pulumi.Input; /** * Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `namePrefix`. */ name: pulumi.Input; notificationMetadata?: pulumi.Input; notificationTargetArn?: pulumi.Input; roleArn?: pulumi.Input; } export interface GroupInstanceRefresh { /** * Override default parameters for Instance Refresh. */ preferences?: pulumi.Input; /** * Strategy to use for instance refresh. The only allowed value is `Rolling`. See [StartInstanceRefresh Action](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_StartInstanceRefresh.html#API_StartInstanceRefresh_RequestParameters) for more information. */ strategy: pulumi.Input; /** * Set of additional property names that will trigger an Instance Refresh. A refresh will always be triggered by a change in any of `launchConfiguration`, `launchTemplate`, or `mixedInstancesPolicy`. * * > **NOTE:** A refresh is started when any of the following Auto Scaling Group properties change: `launchConfiguration`, `launchTemplate`, `mixedInstancesPolicy`. Additional properties can be specified in the `triggers` property of `instanceRefresh`. * * > **NOTE:** A refresh will not start when `version = "$Latest"` is configured in the `launchTemplate` block. To trigger the instance refresh when a launch template is changed, configure `version` to use the `latestVersion` attribute of the `aws.ec2.LaunchTemplate` resource. * * > **NOTE:** Auto Scaling Groups support up to one active instance refresh at a time. When this resource is updated, any existing refresh is cancelled. * * > **NOTE:** Depending on health check settings and group size, an instance refresh may take a long time or fail. This resource does not wait for the instance refresh to complete. */ triggers?: pulumi.Input[]>; } export interface GroupInstanceRefreshPreferences { /** * Automatically rollback if instance refresh fails. Defaults to `false`. This option may only be set to `true` when specifying a `launchTemplate` or `mixedInstancesPolicy`. */ autoRollback?: pulumi.Input; /** * Number of seconds to wait after a checkpoint. Defaults to `3600`. */ checkpointDelay?: pulumi.Input; /** * List of percentages for each checkpoint. Values must be unique and in ascending order. To replace all instances, the final number must be `100`. */ checkpointPercentages?: pulumi.Input[]>; /** * Number of seconds until a newly launched instance is configured and ready to use. Default behavior is to use the Auto Scaling Group's health check grace period. */ instanceWarmup?: pulumi.Input; /** * Amount of capacity in the Auto Scaling group that must remain healthy during an instance refresh to allow the operation to continue, as a percentage of the desired capacity of the Auto Scaling group. Defaults to `90`. */ minHealthyPercentage?: pulumi.Input; /** * Behavior when encountering instances protected from scale in are found. Available behaviors are `Refresh`, `Ignore`, and `Wait`. Default is `Ignore`. */ scaleInProtectedInstances?: pulumi.Input; /** * Replace instances that already have your desired configuration. Defaults to `false`. */ skipMatching?: pulumi.Input; /** * Behavior when encountering instances in the `Standby` state in are found. Available behaviors are `Terminate`, `Ignore`, and `Wait`. Default is `Ignore`. */ standbyInstances?: pulumi.Input; } export interface GroupLaunchTemplate { /** * ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`). */ version?: pulumi.Input; } export interface GroupMixedInstancesPolicy { /** * Nested argument containing settings on how to mix on-demand and Spot instances in the Auto Scaling group. Defined below. */ instancesDistribution?: pulumi.Input; /** * Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below. */ launchTemplate: pulumi.Input; } export interface GroupMixedInstancesPolicyInstancesDistribution { /** * Strategy to use when launching on-demand instances. Valid values: `prioritized`, `lowest-price`. Default: `prioritized`. */ onDemandAllocationStrategy?: pulumi.Input; /** * Absolute minimum amount of desired capacity that must be fulfilled by on-demand instances. Default: `0`. */ onDemandBaseCapacity?: pulumi.Input; /** * Percentage split between on-demand and Spot instances above the base on-demand capacity. Default: `100`. */ onDemandPercentageAboveBaseCapacity?: pulumi.Input; /** * How to allocate capacity across the Spot pools. Valid values: `lowest-price`, `capacity-optimized`, `capacity-optimized-prioritized`, and `price-capacity-optimized`. Default: `lowest-price`. */ spotAllocationStrategy?: pulumi.Input; /** * Number of Spot pools per availability zone to allocate capacity. EC2 Auto Scaling selects the cheapest Spot pools and evenly allocates Spot capacity across the number of Spot pools that you specify. Only available with `spotAllocationStrategy` set to `lowest-price`. Otherwise it must be set to `0`, if it has been defined before. Default: `2`. */ spotInstancePools?: pulumi.Input; /** * Maximum price per unit hour that the user is willing to pay for the Spot instances. Default: an empty string which means the on-demand price. */ spotMaxPrice?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplate { /** * Nested argument defines the Launch Template. Defined below. */ launchTemplateSpecification: pulumi.Input; /** * List of nested arguments provides the ability to specify multiple instance types. This will override the same parameter in the launch template. For on-demand instances, Auto Scaling considers the order of preference of instance types to launch based on the order specified in the overrides list. Defined below. */ overrides?: pulumi.Input[]>; } export interface GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification { /** * ID of the launch template. Conflicts with `launchTemplateName`. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. Conflicts with `launchTemplateId`. */ launchTemplateName?: pulumi.Input; /** * Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`). */ version?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverride { /** * Override the instance type in the Launch Template with instance types that satisfy the requirements. */ instanceRequirements?: pulumi.Input; /** * Override the instance type in the Launch Template. */ instanceType?: pulumi.Input; /** * Nested argument defines the Launch Template. Defined below. */ launchTemplateSpecification?: pulumi.Input; /** * Number of capacity units, which gives the instance type a proportional weight to other instance types. */ weightedCapacity?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * List of accelerator types. Default is any accelerator type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorTypes?: pulumi.Input[]>; /** * List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types. * * > **NOTE:** If you specify `allowedInstanceTypes`, you can't specify `excludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * List of CPU manufacturer names. Default is any manufacturer. * * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ cpuManufacturers?: pulumi.Input[]>; /** * List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * > **NOTE:** If you specify `excludedInstanceTypes`, you can't specify `allowedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * List of instance generation names. Default is any generation. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Default any storage type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ localStorageTypes?: pulumi.Input[]>; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (MiB). Default is no maximum. */ memoryMib?: pulumi.Input; /** * Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * Price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * Price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification { /** * ID of the launch template. Conflicts with `launchTemplateName`. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. Conflicts with `launchTemplateId`. */ launchTemplateName?: pulumi.Input; /** * Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`). */ version?: pulumi.Input; } export interface GroupTag { /** * Key */ key: pulumi.Input; /** * Enables propagation of the tag to * Amazon EC2 instances launched via this ASG * * To declare multiple tags, additional `tag` blocks can be specified. * * > **NOTE:** Other AWS APIs may automatically add special tags to their associated Auto Scaling Group for management purposes, such as ECS Capacity Providers adding the `AmazonECSManaged` tag. These generally should be included in the configuration so the provider does not attempt to remove them and so if the `minSize` was greater than zero on creation, that these tag(s) are applied to any initial EC2 Instances in the Auto Scaling Group. If these tag(s) were missing in the Auto Scaling Group configuration on creation, affected EC2 Instances missing the tags may require manual intervention of adding the tags to ensure they work properly with the other AWS service. */ propagateAtLaunch: pulumi.Input; /** * Value */ value: pulumi.Input; } export interface GroupTrafficSource { /** * Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region. */ identifier: pulumi.Input; /** * Provides additional context for the value of Identifier. * The following lists the valid values: * `elb` if `identifier` is the name of a Classic Load Balancer. * `elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group. * `vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group. */ type?: pulumi.Input; } export interface GroupWarmPool { /** * Whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in. */ instanceReusePolicy?: pulumi.Input; /** * Total maximum number of instances that are allowed to be in the warm pool or in any state except Terminated for the Auto Scaling group. */ maxGroupPreparedCapacity?: pulumi.Input; /** * Minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified. */ minSize?: pulumi.Input; /** * Sets the instance state to transition to after the lifecycle hooks finish. Valid values are: Stopped (default), Running or Hibernated. */ poolState?: pulumi.Input; } export interface GroupWarmPoolInstanceReusePolicy { /** * Whether instances in the Auto Scaling group can be returned to the warm pool on scale in. */ reuseOnScaleIn?: pulumi.Input; } export interface PolicyPredictiveScalingConfiguration { /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Valid values are `HonorMaxCapacity` or `IncreaseMaxCapacity`. Default is `HonorMaxCapacity`. */ maxCapacityBreachBehavior?: pulumi.Input; /** * Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. Valid range is `0` to `100`. If set to `0`, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity. */ maxCapacityBuffer?: pulumi.Input; /** * This structure includes the metrics and target utilization to use for predictive scaling. */ metricSpecification: pulumi.Input; /** * Predictive scaling mode. Valid values are `ForecastAndScale` and `ForecastOnly`. Default is `ForecastOnly`. */ mode?: pulumi.Input; /** * Amount of time, in seconds, by which the instance launch time can be advanced. Minimum is `0`. */ schedulingBufferTime?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecification { /** * Customized capacity metric specification. The field is only valid when you use `customizedLoadMetricSpecification` */ customizedCapacityMetricSpecification?: pulumi.Input; /** * Customized load metric specification. */ customizedLoadMetricSpecification?: pulumi.Input; /** * Customized scaling metric specification. */ customizedScalingMetricSpecification?: pulumi.Input; /** * Predefined load metric specification. */ predefinedLoadMetricSpecification?: pulumi.Input; /** * Metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use. */ predefinedMetricPairSpecification?: pulumi.Input; /** * Predefined scaling metric specification. */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification { /** * List of up to 10 structures that defines custom capacity metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification { /** * List of up to 10 structures that defines custom load metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification { /** * List of up to 10 structures that defines custom scaling metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification { /** * Metric type. Valid values are `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`, or `ALBTargetGroupRequestCount`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. */ resourceLabel?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification { /** * Which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization`, the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric. Valid values are `ASGCPUUtilization`, `ASGNetworkIn`, `ASGNetworkOut`, or `ALBRequestCount`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. */ resourceLabel?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification { /** * Describes a scaling metric for a predictive scaling policy. Valid values are `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, or `ALBRequestCountPerTarget`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. */ resourceLabel?: pulumi.Input; } export interface PolicyStepAdjustment { /** * Lower bound for the * difference between the alarm threshold and the CloudWatch metric. * Without a value, AWS will treat this bound as negative infinity. */ metricIntervalLowerBound?: pulumi.Input; /** * Upper bound for the * difference between the alarm threshold and the CloudWatch metric. * Without a value, AWS will treat this bound as positive infinity. The upper bound * must be greater than the lower bound. * * Notice the bounds are **relative** to the alarm threshold, meaning that the starting point is not 0%, but the alarm threshold. Check the official [docs](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-steps) for a detailed example. * * The following arguments are only available to "TargetTrackingScaling" type policies: */ metricIntervalUpperBound?: pulumi.Input; /** * Number of members by which to * scale, when the adjustment bounds are breached. A positive value scales * up. A negative value scales down. */ scalingAdjustment: pulumi.Input; } export interface PolicyTargetTrackingConfiguration { /** * Customized metric. Conflicts with `predefinedMetricSpecification`. */ customizedMetricSpecification?: pulumi.Input; /** * Whether scale in by the target tracking policy is disabled. */ disableScaleIn?: pulumi.Input; /** * Predefined metric. Conflicts with `customizedMetricSpecification`. */ predefinedMetricSpecification?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecification { /** * Dimensions of the metric. */ metricDimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName?: pulumi.Input; /** * Metrics to include, as a metric data query. */ metrics?: pulumi.Input[]>; /** * Namespace of the metric. */ namespace?: pulumi.Input; /** * Statistic of the metric. */ statistic?: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in target tracking scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingConfigurationPredefinedMetricSpecification { /** * Metric type. */ predefinedMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } export interface TagTag { /** * Tag name. */ key: pulumi.Input; /** * Whether to propagate the tags to instances launched by the ASG. */ propagateAtLaunch: pulumi.Input; /** * Tag value. */ value: pulumi.Input; } export interface TrafficSourceAttachmentTrafficSource { /** * Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region. */ identifier: pulumi.Input; /** * Provides additional context for the value of `identifier`. * The following lists the valid values: * `elb` if `identifier` is the name of a Classic Load Balancer. * `elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group. * `vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group. */ type: pulumi.Input; } } export namespace autoscalingplans { export interface ScalingPlanApplicationSource { /** * ARN of a AWS CloudFormation stack. */ cloudformationStackArn?: pulumi.Input; /** * Set of tags. */ tagFilters?: pulumi.Input[]>; } export interface ScalingPlanApplicationSourceTagFilter { /** * Tag key. */ key: pulumi.Input; /** * Tag values. */ values?: pulumi.Input[]>; } export interface ScalingPlanScalingInstruction { /** * Customized load metric to use for predictive scaling. You must specify either `customizedLoadMetricSpecification` or `predefinedLoadMetricSpecification` when configuring predictive scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedLoadMetricSpecification.html). */ customizedLoadMetricSpecification?: pulumi.Input; /** * Boolean controlling whether dynamic scaling by AWS Auto Scaling is disabled. Defaults to `false`. */ disableDynamicScaling?: pulumi.Input; /** * Maximum capacity of the resource. The exception to this upper limit is if you specify a non-default setting for `predictiveScalingMaxCapacityBehavior`. */ maxCapacity: pulumi.Input; /** * Minimum capacity of the resource. */ minCapacity: pulumi.Input; /** * Predefined load metric to use for predictive scaling. You must specify either `predefinedLoadMetricSpecification` or `customizedLoadMetricSpecification` when configuring predictive scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedLoadMetricSpecification.html). */ predefinedLoadMetricSpecification?: pulumi.Input; /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity specified for the resource. * Valid values: `SetForecastCapacityToMaxCapacity`, `SetMaxCapacityAboveForecastCapacity`, `SetMaxCapacityToForecastCapacity`. */ predictiveScalingMaxCapacityBehavior?: pulumi.Input; /** * Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. */ predictiveScalingMaxCapacityBuffer?: pulumi.Input; /** * Predictive scaling mode. Valid values: `ForecastAndScale`, `ForecastOnly`. */ predictiveScalingMode?: pulumi.Input; /** * ID of the resource. This string consists of the resource type and unique identifier. */ resourceId: pulumi.Input; /** * Scalable dimension associated with the resource. Valid values: `autoscaling:autoScalingGroup:DesiredCapacity`, `dynamodb:index:ReadCapacityUnits`, `dynamodb:index:WriteCapacityUnits`, `dynamodb:table:ReadCapacityUnits`, `dynamodb:table:WriteCapacityUnits`, `ecs:service:DesiredCount`, `ec2:spot-fleet-request:TargetCapacity`, `rds:cluster:ReadReplicaCount`. */ scalableDimension: pulumi.Input; /** * Controls whether a resource's externally created scaling policies are kept or replaced. Valid values: `KeepExternalPolicies`, `ReplaceExternalPolicies`. Defaults to `KeepExternalPolicies`. */ scalingPolicyUpdateBehavior?: pulumi.Input; /** * Amount of time, in seconds, to buffer the run time of scheduled scaling actions when scaling out. */ scheduledActionBufferTime?: pulumi.Input; /** * Namespace of the AWS service. Valid values: `autoscaling`, `dynamodb`, `ecs`, `ec2`, `rds`. */ serviceNamespace: pulumi.Input; /** * Structure that defines new target tracking configurations. Each of these structures includes a specific scaling metric and a target value for the metric, along with various parameters to use with dynamic scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_TargetTrackingConfiguration.html). */ targetTrackingConfigurations: pulumi.Input[]>; } export interface ScalingPlanScalingInstructionCustomizedLoadMetricSpecification { /** * Dimensions of the metric. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; /** * Statistic of the metric. Currently, the value must always be `Sum`. */ statistic: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface ScalingPlanScalingInstructionPredefinedLoadMetricSpecification { /** * Metric type. Valid values: `ALBTargetGroupRequestCount`, `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`. */ predefinedLoadMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfiguration { /** * Customized metric. You can specify either `customizedScalingMetricSpecification` or `predefinedScalingMetricSpecification`. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedScalingMetricSpecification.html). */ customizedScalingMetricSpecification?: pulumi.Input; /** * Boolean indicating whether scale in by the target tracking scaling policy is disabled. Defaults to `false`. */ disableScaleIn?: pulumi.Input; /** * Estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. * This value is used only if the resource is an Auto Scaling group. */ estimatedInstanceWarmup?: pulumi.Input; /** * Predefined metric. You can specify either `predefinedScalingMetricSpecification` or `customizedScalingMetricSpecification`. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html). */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Amount of time, in seconds, after a scale in activity completes before another scale in activity can start. * This value is not used if the scalable resource is an Auto Scaling group. */ scaleInCooldown?: pulumi.Input; /** * Amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start. * This value is not used if the scalable resource is an Auto Scaling group. */ scaleOutCooldown?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification { /** * Dimensions of the metric. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; /** * Statistic of the metric. Valid values: `Average`, `Maximum`, `Minimum`, `SampleCount`, `Sum`. */ statistic: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification { /** * Metric type. Valid values: `ALBRequestCountPerTarget`, `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, `DynamoDBReadCapacityUtilization`, `DynamoDBWriteCapacityUtilization`, `ECSServiceAverageCPUUtilization`, `ECSServiceAverageMemoryUtilization`, `EC2SpotFleetRequestAverageCPUUtilization`, `EC2SpotFleetRequestAverageNetworkIn`, `EC2SpotFleetRequestAverageNetworkOut`, `RDSReaderAverageCPUUtilization`, `RDSReaderAverageDatabaseConnections`. */ predefinedScalingMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } } export namespace backup { export interface FrameworkControl { /** * One or more input parameter blocks. An example of a control with two parameters is: "backup plan frequency is at least daily and the retention period is at least 1 year". The first parameter is daily. The second parameter is 1 year. Detailed below. */ inputParameters?: pulumi.Input[]>; /** * The name of a control. This name is between 1 and 256 characters. */ name: pulumi.Input; /** * The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. Detailed below. */ scope?: pulumi.Input; } export interface FrameworkControlInputParameter { /** * The name of a parameter, for example, BackupPlanFrequency. */ name?: pulumi.Input; /** * The value of parameter, for example, hourly. */ value?: pulumi.Input; } export interface FrameworkControlScope { /** * The ID of the only AWS resource that you want your control scope to contain. Minimum number of 1 item. Maximum number of 100 items. */ complianceResourceIds?: pulumi.Input[]>; /** * Describes whether the control scope includes one or more types of resources, such as EFS or RDS. */ complianceResourceTypes?: pulumi.Input[]>; /** * The tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface PlanAdvancedBackupSetting { /** * Specifies the backup option for a selected resource. This option is only available for Windows VSS backup jobs. Set to `{ WindowsVSS = "enabled" }` to enable Windows VSS backup option and create a VSS Windows backup. */ backupOptions: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The type of AWS resource to be backed up. For VSS Windows backups, the only supported resource type is Amazon EC2. Valid values: `EC2`. */ resourceType: pulumi.Input; } export interface PlanRule { /** * The amount of time in minutes AWS Backup attempts a backup before canceling the job and returning an error. */ completionWindow?: pulumi.Input; /** * Configuration block(s) with copy operation settings. Detailed below. */ copyActions?: pulumi.Input[]>; /** * Enable continuous backups for supported resources. */ enableContinuousBackup?: pulumi.Input; /** * The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Fields documented below. */ lifecycle?: pulumi.Input; /** * Metadata that you can assign to help organize the resources that you create. */ recoveryPointTags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * An display name for a backup rule. */ ruleName: pulumi.Input; /** * A CRON expression specifying when AWS Backup initiates a backup job. */ schedule?: pulumi.Input; /** * The amount of time in minutes before beginning a backup. */ startWindow?: pulumi.Input; /** * The name of a logical container where backups are stored. */ targetVaultName: pulumi.Input; } export interface PlanRuleCopyAction { /** * An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. */ destinationVaultArn: pulumi.Input; /** * The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. Fields documented above. */ lifecycle?: pulumi.Input; } export interface PlanRuleCopyActionLifecycle { /** * Specifies the number of days after creation that a recovery point is moved to cold storage. */ coldStorageAfter?: pulumi.Input; /** * Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `coldStorageAfter`. */ deleteAfter?: pulumi.Input; } export interface PlanRuleLifecycle { /** * Specifies the number of days after creation that a recovery point is moved to cold storage. */ coldStorageAfter?: pulumi.Input; /** * Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `coldStorageAfter`. */ deleteAfter?: pulumi.Input; } export interface ReportPlanReportDeliveryChannel { /** * A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV. */ formats?: pulumi.Input[]>; /** * The unique name of the S3 bucket that receives your reports. */ s3BucketName: pulumi.Input; /** * The prefix for where Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix. */ s3KeyPrefix?: pulumi.Input; } export interface ReportPlanReportSetting { /** * Specifies the list of accounts a report covers. */ accounts?: pulumi.Input[]>; /** * Specifies the Amazon Resource Names (ARNs) of the frameworks a report covers. */ frameworkArns?: pulumi.Input[]>; /** * Specifies the number of frameworks a report covers. */ numberOfFrameworks?: pulumi.Input; /** * Specifies the list of Organizational Units a report covers. */ organizationUnits?: pulumi.Input[]>; /** * Specifies the list of regions a report covers. */ regions?: pulumi.Input[]>; /** * Identifies the report template for the report. Reports are built using a report template. The report templates are: `RESOURCE_COMPLIANCE_REPORT` | `CONTROL_COMPLIANCE_REPORT` | `BACKUP_JOB_REPORT` | `COPY_JOB_REPORT` | `RESTORE_JOB_REPORT`. */ reportTemplate: pulumi.Input; } export interface SelectionCondition { stringEquals?: pulumi.Input[]>; stringLikes?: pulumi.Input[]>; stringNotEquals?: pulumi.Input[]>; stringNotLikes?: pulumi.Input[]>; } export interface SelectionConditionStringEqual { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringLike { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringNotEqual { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringNotLike { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionSelectionTag { /** * The key in a key-value pair. */ key: pulumi.Input; /** * An operation, such as `StringEquals`, that is applied to a key-value pair used to filter resources in a selection. */ type: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } } export namespace batch { export interface ComputeEnvironmentComputeResources { /** * The allocation strategy to use for the compute resource in case not enough instances of the best fitting instance type can be allocated. Valid items are `BEST_FIT_PROGRESSIVE`, `SPOT_CAPACITY_OPTIMIZED` or `BEST_FIT`. Defaults to `BEST_FIT`. See [AWS docs](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) for details. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ allocationStrategy?: pulumi.Input; /** * Integer of maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20% (`20`), then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. If you leave this field empty, the default value is 100% of the On-Demand price. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ bidPercentage?: pulumi.Input; /** * The desired number of EC2 vCPUS in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ desiredVcpus?: pulumi.Input; /** * Provides information used to select Amazon Machine Images (AMIs) for EC2 instances in the compute environment. If Ec2Configuration isn't specified, the default is ECS_AL2. This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified. */ ec2Configurations?: pulumi.Input[]>; /** * The EC2 key pair that is used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ ec2KeyPair?: pulumi.Input; /** * The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, use `ec2Configuration` `imageIdOverride` instead) */ imageId?: pulumi.Input; /** * The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ instanceRole?: pulumi.Input; /** * A list of instance types that may be launched. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ instanceTypes?: pulumi.Input[]>; /** * The launch template to use for your compute resources. See details below. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ launchTemplate?: pulumi.Input; /** * The maximum number of EC2 vCPUs that an environment can reach. */ maxVcpus: pulumi.Input; /** * The minimum number of EC2 vCPUs that an environment should maintain. For `EC2` or `SPOT` compute environments, if the parameter is not explicitly defined, a `0` default value will be set. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ minVcpus?: pulumi.Input; /** * The Amazon EC2 placement group to associate with your compute resources. */ placementGroup?: pulumi.Input; /** * A list of EC2 security group that are associated with instances launched in the compute environment. This parameter is required for Fargate compute environments. */ securityGroupIds?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment. This parameter is required for SPOT compute environments. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ spotIamFleetRole?: pulumi.Input; /** * A list of VPC subnets into which the compute resources are launched. */ subnets: pulumi.Input[]>; /** * Key-value pair tags to be applied to resources that are launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The type of compute environment. Valid items are `EC2`, `SPOT`, `FARGATE` or `FARGATE_SPOT`. */ type: pulumi.Input; } export interface ComputeEnvironmentComputeResourcesEc2Configuration { /** * The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` argument in the `computeResources` block. */ imageIdOverride?: pulumi.Input; /** * The image type to match with the instance type to select an AMI. If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) (`ECS_AL2`) is used. */ imageType?: pulumi.Input; } export interface ComputeEnvironmentComputeResourcesLaunchTemplate { /** * ID of the launch template. You must specify either the launch template ID or launch template name in the request, but not both. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. */ launchTemplateName?: pulumi.Input; /** * The version number of the launch template. Default: The default version of the launch template. */ version?: pulumi.Input; } export interface ComputeEnvironmentEksConfiguration { /** * The Amazon Resource Name (ARN) of the Amazon EKS cluster. */ eksClusterArn: pulumi.Input; /** * The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace. */ kubernetesNamespace: pulumi.Input; } export interface JobDefinitionRetryStrategy { /** * The number of times to move a job to the `RUNNABLE` status. You may specify between `1` and `10` attempts. */ attempts?: pulumi.Input; /** * The evaluate on exit conditions under which the job should be retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. You may specify up to 5 configuration blocks. */ evaluateOnExits?: pulumi.Input[]>; } export interface JobDefinitionRetryStrategyEvaluateOnExit { /** * Specifies the action to take if all of the specified conditions are met. The values are not case sensitive. Valid values: `RETRY`, `EXIT`. */ action: pulumi.Input; /** * A glob pattern to match against the decimal representation of the exit code returned for a job. */ onExitCode?: pulumi.Input; /** * A glob pattern to match against the reason returned for a job. */ onReason?: pulumi.Input; /** * A glob pattern to match against the status reason returned for a job. */ onStatusReason?: pulumi.Input; } export interface JobDefinitionTimeout { /** * The time duration in seconds after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is `60` seconds. */ attemptDurationSeconds?: pulumi.Input; } export interface JobQueueTimeouts { create?: pulumi.Input; delete?: pulumi.Input; update?: pulumi.Input; } export interface SchedulingPolicyFairSharePolicy { /** * A value used to reserve some of the available maximum vCPU for fair share identifiers that have not yet been used. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). */ computeReservation?: pulumi.Input; shareDecaySeconds?: pulumi.Input; /** * One or more share distribution blocks which define the weights for the fair share identifiers for the fair share policy. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). The `shareDistribution` block is documented below. */ shareDistributions?: pulumi.Input[]>; } export interface SchedulingPolicyFairSharePolicyShareDistribution { /** * A fair share identifier or fair share identifier prefix. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html). */ shareIdentifier: pulumi.Input; /** * The weight factor for the fair share identifier. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html). */ weightFactor?: pulumi.Input; } } export namespace budgets { export interface BudgetActionActionThreshold { /** * The type of threshold for a notification. Valid values are `PERCENTAGE` or `ABSOLUTE_VALUE`. */ actionThresholdType: pulumi.Input; /** * The threshold of a notification. */ actionThresholdValue: pulumi.Input; } export interface BudgetActionDefinition { /** * The AWS Identity and Access Management (IAM) action definition details. See IAM Action Definition. */ iamActionDefinition?: pulumi.Input; /** * The service control policies (SCPs) action definition details. See SCP Action Definition. */ scpActionDefinition?: pulumi.Input; /** * The AWS Systems Manager (SSM) action definition details. See SSM Action Definition. */ ssmActionDefinition?: pulumi.Input; } export interface BudgetActionDefinitionIamActionDefinition { /** * A list of groups to be attached. There must be at least one group. */ groups?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the policy to be attached. */ policyArn: pulumi.Input; /** * A list of roles to be attached. There must be at least one role. */ roles?: pulumi.Input[]>; /** * A list of users to be attached. There must be at least one user. */ users?: pulumi.Input[]>; } export interface BudgetActionDefinitionScpActionDefinition { /** * The policy ID attached. */ policyId: pulumi.Input; /** * A list of target IDs. */ targetIds: pulumi.Input[]>; } export interface BudgetActionDefinitionSsmActionDefinition { /** * The action subType. Valid values are `STOP_EC2_INSTANCES` or `STOP_RDS_INSTANCES`. */ actionSubType: pulumi.Input; /** * The EC2 and RDS instance IDs. */ instanceIds: pulumi.Input[]>; /** * The Region to run the SSM document. */ region: pulumi.Input; } export interface BudgetActionSubscriber { /** * The address that AWS sends budget notifications to, either an SNS topic or an email. */ address: pulumi.Input; /** * The type of notification that AWS sends to a subscriber. Valid values are `SNS` or `EMAIL`. */ subscriptionType: pulumi.Input; } export interface BudgetAutoAdjustData { autoAdjustType: pulumi.Input; historicalOptions?: pulumi.Input; lastAutoAdjustTime?: pulumi.Input; } export interface BudgetAutoAdjustDataHistoricalOptions { budgetAdjustmentPeriod: pulumi.Input; lookbackAvailablePeriods?: pulumi.Input; } export interface BudgetCostFilter { /** * The name of a budget. Unique within accounts. */ name: pulumi.Input; values: pulumi.Input[]>; } export interface BudgetCostTypes { /** * A boolean value whether to include credits in the cost budget. Defaults to `true` */ includeCredit?: pulumi.Input; /** * Whether a budget includes discounts. Defaults to `true` */ includeDiscount?: pulumi.Input; /** * A boolean value whether to include other subscription costs in the cost budget. Defaults to `true` */ includeOtherSubscription?: pulumi.Input; /** * A boolean value whether to include recurring costs in the cost budget. Defaults to `true` */ includeRecurring?: pulumi.Input; /** * A boolean value whether to include refunds in the cost budget. Defaults to `true` */ includeRefund?: pulumi.Input; /** * A boolean value whether to include subscriptions in the cost budget. Defaults to `true` */ includeSubscription?: pulumi.Input; /** * A boolean value whether to include support costs in the cost budget. Defaults to `true` */ includeSupport?: pulumi.Input; /** * A boolean value whether to include tax in the cost budget. Defaults to `true` */ includeTax?: pulumi.Input; /** * A boolean value whether to include upfront costs in the cost budget. Defaults to `true` */ includeUpfront?: pulumi.Input; /** * Whether a budget uses the amortized rate. Defaults to `false` */ useAmortized?: pulumi.Input; /** * A boolean value whether to use blended costs in the cost budget. Defaults to `false` */ useBlended?: pulumi.Input; } export interface BudgetNotification { /** * (Required) Comparison operator to use to evaluate the condition. Can be `LESS_THAN`, `EQUAL_TO` or `GREATER_THAN`. */ comparisonOperator: pulumi.Input; /** * (Required) What kind of budget value to notify on. Can be `ACTUAL` or `FORECASTED` */ notificationType: pulumi.Input; /** * (Optional) E-Mail addresses to notify. Either this or `subscriberSnsTopicArns` is required. */ subscriberEmailAddresses?: pulumi.Input[]>; /** * (Optional) SNS topics to notify. Either this or `subscriberEmailAddresses` is required. */ subscriberSnsTopicArns?: pulumi.Input[]>; /** * (Required) Threshold when the notification should be sent. */ threshold: pulumi.Input; /** * (Required) What kind of threshold is defined. Can be `PERCENTAGE` OR `ABSOLUTE_VALUE`. */ thresholdType: pulumi.Input; } export interface BudgetPlannedLimit { /** * (Required) The amount of cost or usage being measured for a budget. */ amount: pulumi.Input; /** * (Required) The start time of the budget limit. Format: `2017-01-01_12:00`. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation. */ startTime: pulumi.Input; /** * (Required) The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation. */ unit: pulumi.Input; } } export namespace cfg { export interface ConfigurationAggregatorAccountAggregationSource { /** * List of 12-digit account IDs of the account(s) being aggregated. */ accountIds: pulumi.Input[]>; /** * If true, aggregate existing AWS Config regions and future regions. */ allRegions?: pulumi.Input; /** * List of source regions being aggregated. * * Either `regions` or `allRegions` (as true) must be specified. */ regions?: pulumi.Input[]>; } export interface ConfigurationAggregatorOrganizationAggregationSource { /** * If true, aggregate existing AWS Config regions and future regions. */ allRegions?: pulumi.Input; /** * List of source regions being aggregated. */ regions?: pulumi.Input[]>; /** * ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account. * * Either `regions` or `allRegions` (as true) must be specified. */ roleArn: pulumi.Input; } export interface ConformancePackInputParameter { /** * The input key. */ parameterName: pulumi.Input; /** * The input value. */ parameterValue: pulumi.Input; } export interface DeliveryChannelSnapshotDeliveryProperties { /** * The frequency with which AWS Config recurringly delivers configuration snapshotsE.g., `One_Hour` or `Three_Hours`. Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents). */ deliveryFrequency?: pulumi.Input; } export interface OrganizationConformancePackInputParameter { /** * The input key. */ parameterName: pulumi.Input; /** * The input value. */ parameterValue: pulumi.Input; } export interface RecorderRecordingGroup { /** * Specifies whether AWS Config records configuration changes for every supported type of regional resource (which includes any new type that will become supported in the future). Conflicts with `resourceTypes`. Defaults to `true`. */ allSupported?: pulumi.Input; /** * An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.To use this option, you must set the useOnly field of RecordingStrategy to `EXCLUSION_BY_RESOURCE_TYPES` Requires `allSupported = false`. Conflicts with `resourceTypes`. */ exclusionByResourceTypes?: pulumi.Input[]>; /** * Specifies whether AWS Config includes all supported types of _global resources_ with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`. */ includeGlobalResourceTypes?: pulumi.Input; /** * Recording Strategy - see below.. */ recordingStrategies?: pulumi.Input[]>; /** * A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. In order to use this attribute, `allSupported` must be set to false. */ resourceTypes?: pulumi.Input[]>; } export interface RecorderRecordingGroupExclusionByResourceType { /** * A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. In order to use this attribute, `allSupported` must be set to false. */ resourceTypes?: pulumi.Input[]>; } export interface RecorderRecordingGroupRecordingStrategy { useOnly?: pulumi.Input; } export interface RemediationConfigurationExecutionControls { /** * Configuration block for SSM controls. See below. */ ssmControls?: pulumi.Input; } export interface RemediationConfigurationExecutionControlsSsmControls { /** * Maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. The default value is 10%. */ concurrentExecutionRatePercentage?: pulumi.Input; /** * Percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. The default is 50%. */ errorPercentage?: pulumi.Input; } export interface RemediationConfigurationParameter { /** * Name of the attribute. */ name: pulumi.Input; /** * Value is dynamic and changes at run-time. */ resourceValue?: pulumi.Input; /** * Value is static and does not change at run-time. */ staticValue?: pulumi.Input; /** * List of static values. */ staticValues?: pulumi.Input[]>; } export interface RuleScope { /** * The IDs of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`. */ complianceResourceId?: pulumi.Input; /** * A list of resource types of only those AWS resources that you want to trigger an evaluation for the ruleE.g., `AWS::EC2::Instance`. You can only specify one type if you also specify a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. */ complianceResourceTypes?: pulumi.Input[]>; /** * The tag key that is applied to only those AWS resources that you want you want to trigger an evaluation for the rule. */ tagKey?: pulumi.Input; /** * The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. */ tagValue?: pulumi.Input; } export interface RuleSource { /** * Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY`. See Custom Policy Details Below. */ customPolicyDetails?: pulumi.Input; /** * Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS`, `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g., via the `aws.lambda.Permission` resource. */ owner: pulumi.Input; /** * Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. See Source Detail Below. */ sourceDetails?: pulumi.Input[]>; /** * For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `aws.lambda.Function` resource. */ sourceIdentifier?: pulumi.Input; } export interface RuleSourceCustomPolicyDetails { /** * The boolean expression for enabling debug logging for your Config Custom Policy rule. The default value is `false`. */ enableDebugLogDelivery?: pulumi.Input; /** * The runtime system for your Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://github.com/aws-cloudformation/cloudformation-guard). */ policyRuntime: pulumi.Input; /** * The policy definition containing the logic for your Config Custom Policy rule. */ policyText: pulumi.Input; } export interface RuleSourceSourceDetail { /** * The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWSresources. This defaults to `aws.config` and is the only valid value. */ eventSource?: pulumi.Input; /** * The frequency that you want AWS Config to run evaluations for a rule that istriggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. */ maximumExecutionFrequency?: pulumi.Input; /** * The type of notification that triggers AWS Config to run an evaluation for a rule. You canspecify the following notification types: */ messageType?: pulumi.Input; } } export namespace chime { export interface SdkvoiceGlobalSettingsVoiceConnector { /** * The S3 bucket that stores the Voice Connector's call detail records. */ cdrBucket?: pulumi.Input; } export interface SdkvoiceSipMediaApplicationEndpoints { /** * Valid Amazon Resource Name (ARN) of the Lambda function, version, or alias. The function must be created in the same AWS Region as the SIP media application. */ lambdaArn: pulumi.Input; } export interface SdkvoiceSipRuleTargetApplication { /** * The AWS Region of the target application. */ awsRegion: pulumi.Input; /** * Priority of the SIP media application in the target list. */ priority: pulumi.Input; /** * The SIP media application ID. */ sipMediaApplicationId: pulumi.Input; } export interface SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration { /** * ARN for KMS Key. * * The following arguments are optional: */ kmsKeyArn: pulumi.Input; } export interface VoiceConnectorGroupConnector { /** * The priority associated with the Amazon Chime Voice Connector, with 1 being the highest priority. Higher priority Amazon Chime Voice Connectors are attempted first. */ priority: pulumi.Input; /** * The Amazon Chime Voice Connector ID. */ voiceConnectorId: pulumi.Input; } export interface VoiceConnectorOrganizationRoute { /** * The FQDN or IP address to contact for origination traffic. */ host: pulumi.Input; /** * The designated origination route port. Defaults to `5060`. */ port?: pulumi.Input; /** * The priority associated with the host, with 1 being the highest priority. Higher priority hosts are attempted first. */ priority: pulumi.Input; /** * The protocol to use for the origination route. Encryption-enabled Amazon Chime Voice Connectors use TCP protocol by default. */ protocol: pulumi.Input; /** * The weight associated with the host. If hosts are equal in priority, calls are redistributed among them based on their relative weight. */ weight: pulumi.Input; } export interface VoiceConnectorStreamingMediaInsightsConfiguration { /** * The media insights configuration that will be invoked by the Voice Connector. */ configurationArn?: pulumi.Input; /** * When `true`, the media insights configuration is not enabled. Defaults to `false`. */ disabled?: pulumi.Input; } export interface VoiceConnectorTerminationCredentialsCredential { /** * RFC2617 compliant password associated with the SIP credentials. */ password: pulumi.Input; /** * RFC2617 compliant username associated with the SIP credentials. */ username: pulumi.Input; } } export namespace chimesdkmediapipelines { export interface MediaInsightsPipelineConfigurationElement { /** * Configuration for Amazon Transcribe Call Analytics processor. */ amazonTranscribeCallAnalyticsProcessorConfiguration?: pulumi.Input; /** * Configuration for Amazon Transcribe processor. */ amazonTranscribeProcessorConfiguration?: pulumi.Input; /** * Configuration for Kinesis Data Stream sink. */ kinesisDataStreamSinkConfiguration?: pulumi.Input; /** * Configuration for Lambda Function sink. */ lambdaFunctionSinkConfiguration?: pulumi.Input; /** * Configuration for S3 recording sink. */ s3RecordingSinkConfiguration?: pulumi.Input; /** * Configuration for SNS Topic sink. */ snsTopicSinkConfiguration?: pulumi.Input; /** * Configuration for SQS Queue sink. */ sqsQueueSinkConfiguration?: pulumi.Input; /** * Element type. */ type: pulumi.Input; /** * Configuration for Voice analytics processor. */ voiceAnalyticsProcessorConfiguration?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration { /** * Filter for category events to be delivered to insights target. */ callAnalyticsStreamCategories?: pulumi.Input[]>; /** * Labels all personally identifiable information (PII) identified in Utterance events. */ contentIdentificationType?: pulumi.Input; /** * Redacts all personally identifiable information (PII) identified in Utterance events. */ contentRedactionType?: pulumi.Input; /** * Enables partial result stabilization in Utterance events. */ enablePartialResultsStabilization?: pulumi.Input; /** * Filters partial Utterance events from delivery to the insights target. */ filterPartialResults?: pulumi.Input; /** * Language code for the transcription model. */ languageCode: pulumi.Input; /** * Name of custom language model for transcription. */ languageModelName?: pulumi.Input; /** * Level of stability to use when partial results stabilization is enabled. */ partialResultsStability?: pulumi.Input; /** * Types of personally identifiable information (PII) to redact from an Utterance event. */ piiEntityTypes?: pulumi.Input; /** * Settings for post call analytics. */ postCallAnalyticsSettings?: pulumi.Input; /** * Method for applying a vocabulary filter to Utterance events. */ vocabularyFilterMethod?: pulumi.Input; /** * Name of the custom vocabulary filter to use when processing Utterance events. */ vocabularyFilterName?: pulumi.Input; /** * Name of the custom vocabulary to use when processing Utterance events. */ vocabularyName?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings { /** * Should output be redacted. */ contentRedactionOutput?: pulumi.Input; /** * ARN of the role used by AWS Transcribe to upload your post call analysis. */ dataAccessRoleArn: pulumi.Input; /** * ID of the KMS key used to encrypt the output. */ outputEncryptionKmsKeyId?: pulumi.Input; /** * The Amazon S3 location where you want your Call Analytics post-call transcription output stored. */ outputLocation: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration { /** * Labels all personally identifiable information (PII) identified in Utterance events. */ contentIdentificationType?: pulumi.Input; /** * Redacts all personally identifiable information (PII) identified in Utterance events. */ contentRedactionType?: pulumi.Input; /** * Enables partial result stabilization in Utterance events. */ enablePartialResultsStabilization?: pulumi.Input; /** * Filters partial Utterance events from delivery to the insights target. */ filterPartialResults?: pulumi.Input; /** * Language code for the transcription model. */ languageCode: pulumi.Input; /** * Name of custom language model for transcription. */ languageModelName?: pulumi.Input; /** * Level of stability to use when partial results stabilization is enabled. */ partialResultsStability?: pulumi.Input; /** * Types of personally identifiable information (PII) to redact from an Utterance event. */ piiEntityTypes?: pulumi.Input; /** * Enables speaker partitioning (diarization) in your Transcript events. */ showSpeakerLabel?: pulumi.Input; /** * Method for applying a vocabulary filter to Utterance events. */ vocabularyFilterMethod?: pulumi.Input; /** * Name of the custom vocabulary filter to use when processing Utterance events. */ vocabularyFilterName?: pulumi.Input; /** * Name of the custom vocabulary to use when processing Utterance events. */ vocabularyName?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration { /** * Kinesis Data Stream to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration { /** * Kinesis Data Stream to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration { /** * S3 URI to deliver recordings. */ destination?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration { /** * Kinesis Data Stream to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration { /** * Kinesis Data Stream to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration { /** * Enable speaker search. */ speakerSearchStatus: pulumi.Input; /** * Enable voice tone analysis. */ voiceToneAnalysisStatus: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfiguration { /** * Disables real time alert rules. */ disabled?: pulumi.Input; /** * Collection of real time alert rules */ rules: pulumi.Input[]>; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule { /** * Configuration for an issue detection rule. */ issueDetectionConfiguration?: pulumi.Input; /** * Configuration for a keyword match rule. */ keywordMatchConfiguration?: pulumi.Input; /** * Configuration for a sentiment rule. */ sentimentConfiguration?: pulumi.Input; /** * Element type. */ type: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration { /** * Rule name. */ ruleName: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration { /** * Collection of keywords to match. */ keywords: pulumi.Input[]>; /** * Negate the rule. */ negate?: pulumi.Input; /** * Rule name. */ ruleName: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration { /** * Rule name. */ ruleName: pulumi.Input; /** * Sentiment type to match. */ sentimentType: pulumi.Input; /** * Analysis interval. */ timePeriod: pulumi.Input; } } export namespace cleanrooms { export interface CollaborationDataEncryptionMetadata { allowClearText: pulumi.Input; allowDuplicates: pulumi.Input; allowJoinsOnColumnsWithDifferentNames: pulumi.Input; preserveNulls: pulumi.Input; } export interface CollaborationMember { accountId: pulumi.Input; displayName: pulumi.Input; memberAbilities: pulumi.Input[]>; status?: pulumi.Input; } export interface ConfiguredTableTableReference { databaseName: pulumi.Input; tableName: pulumi.Input; } } export namespace cloudformation { export interface CloudFormationTypeLoggingConfig { /** * Name of the CloudWatch Log Group where CloudFormation sends error logging information when invoking the type's handlers. */ logGroupName: pulumi.Input; /** * Amazon Resource Name (ARN) of the IAM Role CloudFormation assumes when sending error logging information to CloudWatch Logs. */ logRoleArn: pulumi.Input; } export interface StackSetAutoDeployment { /** * Whether or not auto-deployment is enabled. */ enabled?: pulumi.Input; /** * Whether or not to retain stacks when the account is removed. */ retainStacksOnAccountRemoval?: pulumi.Input; } export interface StackSetInstanceDeploymentTargets { /** * The organization root ID or organizational unit (OU) IDs to which StackSets deploys. */ organizationalUnitIds?: pulumi.Input[]>; } export interface StackSetInstanceOperationPreferences { /** * The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. */ failureToleranceCount?: pulumi.Input; /** * The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. */ failureTolerancePercentage?: pulumi.Input; /** * The maximum number of accounts in which to perform this operation at one time. */ maxConcurrentCount?: pulumi.Input; /** * The maximum percentage of accounts in which to perform this operation at one time. */ maxConcurrentPercentage?: pulumi.Input; /** * The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. Valid values are `SEQUENTIAL` and `PARALLEL`. */ regionConcurrencyType?: pulumi.Input; /** * The order of the Regions in where you want to perform the stack operation. */ regionOrders?: pulumi.Input[]>; } export interface StackSetInstanceStackInstanceSummary { /** * Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account. */ accountId?: pulumi.Input; /** * Organizational unit ID in which the stack is deployed. */ organizationalUnitId?: pulumi.Input; /** * Stack identifier. */ stackId?: pulumi.Input; } export interface StackSetManagedExecution { /** * When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false. */ active?: pulumi.Input; } export interface StackSetOperationPreferences { /** * The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. */ failureToleranceCount?: pulumi.Input; /** * The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. */ failureTolerancePercentage?: pulumi.Input; /** * The maximum number of accounts in which to perform this operation at one time. */ maxConcurrentCount?: pulumi.Input; /** * The maximum percentage of accounts in which to perform this operation at one time. */ maxConcurrentPercentage?: pulumi.Input; /** * The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. */ regionConcurrencyType?: pulumi.Input; /** * The order of the Regions in where you want to perform the stack operation. */ regionOrders?: pulumi.Input[]>; } } export namespace cloudfront { export interface CachePolicyParametersInCacheKeyAndForwardedToOrigin { /** * Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information. */ cookiesConfig: pulumi.Input; /** * Flag determines whether the Accept-Encoding HTTP header is included in the cache key and in requests that CloudFront sends to the origin. */ enableAcceptEncodingBrotli?: pulumi.Input; /** * Whether the Accept-Encoding HTTP header is included in the cache key and in requests sent to the origin by CloudFront. */ enableAcceptEncodingGzip?: pulumi.Input; /** * Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information. */ headersConfig: pulumi.Input; /** * Whether any URL query strings in viewer requests are included in the cache key. It also automatically includes these query strings in requests that CloudFront sends to the origin. Please refer to the Query String Config for more information. */ queryStringsConfig: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig { /** * Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `cookieBehavior` are `none`, `whitelist`, `allExcept`, and `all`. */ cookieBehavior: pulumi.Input; /** * Object that contains a list of cookie names. See Items for more information. */ cookies?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies { items?: pulumi.Input[]>; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig { /** * Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `headerBehavior` are `none` and `whitelist`. */ headerBehavior?: pulumi.Input; /** * Object contains a list of header names. See Items for more information. */ headers?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders { items?: pulumi.Input[]>; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig { /** * Whether URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `queryStringBehavior` are `none`, `whitelist`, `allExcept`, and `all`. */ queryStringBehavior: pulumi.Input; /** * Configuration parameter that contains a list of query string names. See Items for more information. */ queryStrings?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings { items?: pulumi.Input[]>; } export interface ContinuousDeploymentPolicyStagingDistributionDnsNames { /** * A list of CloudFront domain names for the staging distribution. */ items?: pulumi.Input[]>; /** * Number of CloudFront domain names in the staging distribution. */ quantity: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfig { /** * Determines which HTTP requests are sent to the staging distribution. See `singleHeaderConfig`. */ singleHeaderConfig?: pulumi.Input; /** * Contains the percentage of traffic to send to the staging distribution. See `singleWeightConfig`. */ singleWeightConfig?: pulumi.Input; /** * Type of traffic configuration. Valid values are `SingleWeight` and `SingleHeader`. */ type: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig { /** * Request header name to send to the staging distribution. The header must contain the prefix `aws-cf-cd-`. */ header: pulumi.Input; /** * Request header value. */ value: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig { /** * Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to the staging distribution, while others are sent to the primary distribution. Define the session duration using TTL values. See `sessionStickinessConfig`. */ sessionStickinessConfig?: pulumi.Input; /** * The percentage of traffic to send to a staging distribution, expressed as a decimal number between `0` and `.15`. */ weight: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig { /** * The amount of time in seconds after which sessions will cease if no requests are received. Valid values are `300` – `3600` (5–60 minutes). The value must be less than or equal to `maximumTtl`. */ idleTtl: pulumi.Input; /** * The maximum amount of time in seconds to consider requests from the viewer as being part of the same session. Valid values are `300` – `3600` (5–60 minutes). The value must be greater than or equal to `idleTtl`. */ maximumTtl: pulumi.Input; } export interface DistributionCustomErrorResponse { /** * Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. */ errorCachingMinTtl?: pulumi.Input; /** * 4xx or 5xx HTTP status code that you want to customize. */ errorCode: pulumi.Input; /** * HTTP status code that you want CloudFront to return with the custom error page to the viewer. */ responseCode?: pulumi.Input; /** * Path of the custom error page (for example, `/custom_404.html`). */ responsePagePath?: pulumi.Input; } export interface DistributionDefaultCacheBehavior { /** * Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. */ allowedMethods: pulumi.Input[]>; /** * Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `defaultCacheBehavior` either `cachePolicyId` or `forwardedValues` must be set. */ cachePolicyId?: pulumi.Input; /** * Controls whether CloudFront caches the response to requests using the specified HTTP methods. */ cachedMethods: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`). */ compress?: pulumi.Input; /** * Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header. */ defaultTtl?: pulumi.Input; /** * Field level encryption configuration ID. */ fieldLevelEncryptionId?: pulumi.Input; /** * The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one). */ forwardedValues?: pulumi.Input; /** * A config block that triggers a cloudfront function with specific actions (maximum 2). */ functionAssociations?: pulumi.Input[]>; /** * A config block that triggers a lambda function with specific actions (maximum 4). */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers. */ maxTtl?: pulumi.Input; /** * Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. */ minTtl?: pulumi.Input; /** * Unique identifier of the origin request policy that is attached to the behavior. */ originRequestPolicyId?: pulumi.Input; /** * ARN of the real-time log configuration that is attached to this cache behavior. */ realtimeLogConfigArn?: pulumi.Input; /** * Identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. */ smoothStreaming?: pulumi.Input; /** * Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. */ targetOriginId: pulumi.Input; /** * List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the [CloudFront User Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html) for more information about this feature. */ trustedKeyGroups?: pulumi.Input[]>; /** * List of AWS account IDs (or `self`) that you want to allow to create signed URLs for private content. See the [CloudFront User Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html) for more information about this feature. */ trustedSigners?: pulumi.Input[]>; /** * Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`. */ viewerProtocolPolicy: pulumi.Input; } export interface DistributionDefaultCacheBehaviorForwardedValues { /** * The forwarded values cookies that specifies how CloudFront handles cookies (maximum one). */ cookies: pulumi.Input; /** * Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers. */ headers?: pulumi.Input[]>; /** * Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior. */ queryString: pulumi.Input; /** * When specified, along with a value of `true` for `queryString`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `queryString`, all query string keys are cached. */ queryStringCacheKeys?: pulumi.Input[]>; } export interface DistributionDefaultCacheBehaviorForwardedValuesCookies { /** * Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelistedNames`. */ forward: pulumi.Input; /** * If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin. */ whitelistedNames?: pulumi.Input[]>; } export interface DistributionDefaultCacheBehaviorFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`. */ eventType: pulumi.Input; /** * ARN of the CloudFront function. */ functionArn: pulumi.Input; } export interface DistributionDefaultCacheBehaviorLambdaFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`. */ eventType: pulumi.Input; /** * When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`. */ includeBody?: pulumi.Input; /** * ARN of the Lambda function. */ lambdaArn: pulumi.Input; } export interface DistributionLoggingConfig { /** * Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com`. */ bucket: pulumi.Input; /** * Whether to include cookies in access logs (default: `false`). */ includeCookies?: pulumi.Input; /** * Prefix to the access log filenames for this distribution, for example, `myprefix/`. */ prefix?: pulumi.Input; } export interface DistributionOrderedCacheBehavior { /** * Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. */ allowedMethods: pulumi.Input[]>; /** * Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `defaultCacheBehavior` either `cachePolicyId` or `forwardedValues` must be set. */ cachePolicyId?: pulumi.Input; /** * Controls whether CloudFront caches the response to requests using the specified HTTP methods. */ cachedMethods: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`). */ compress?: pulumi.Input; /** * Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header. */ defaultTtl?: pulumi.Input; /** * Field level encryption configuration ID. */ fieldLevelEncryptionId?: pulumi.Input; /** * The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one). */ forwardedValues?: pulumi.Input; /** * A config block that triggers a cloudfront function with specific actions (maximum 2). */ functionAssociations?: pulumi.Input[]>; /** * A config block that triggers a lambda function with specific actions (maximum 4). */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers. */ maxTtl?: pulumi.Input; /** * Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. */ minTtl?: pulumi.Input; /** * Unique identifier of the origin request policy that is attached to the behavior. */ originRequestPolicyId?: pulumi.Input; /** * Pattern (for example, `images/*.jpg`) that specifies which requests you want this cache behavior to apply to. */ pathPattern: pulumi.Input; /** * ARN of the real-time log configuration that is attached to this cache behavior. */ realtimeLogConfigArn?: pulumi.Input; /** * Identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. */ smoothStreaming?: pulumi.Input; /** * Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. */ targetOriginId: pulumi.Input; /** * List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the [CloudFront User Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html) for more information about this feature. */ trustedKeyGroups?: pulumi.Input[]>; /** * List of AWS account IDs (or `self`) that you want to allow to create signed URLs for private content. See the [CloudFront User Guide](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html) for more information about this feature. */ trustedSigners?: pulumi.Input[]>; /** * Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`. */ viewerProtocolPolicy: pulumi.Input; } export interface DistributionOrderedCacheBehaviorForwardedValues { /** * The forwarded values cookies that specifies how CloudFront handles cookies (maximum one). */ cookies: pulumi.Input; /** * Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers. */ headers?: pulumi.Input[]>; /** * Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior. */ queryString: pulumi.Input; /** * When specified, along with a value of `true` for `queryString`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `queryString`, all query string keys are cached. */ queryStringCacheKeys?: pulumi.Input[]>; } export interface DistributionOrderedCacheBehaviorForwardedValuesCookies { /** * Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelistedNames`. */ forward: pulumi.Input; /** * If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin. */ whitelistedNames?: pulumi.Input[]>; } export interface DistributionOrderedCacheBehaviorFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`. */ eventType: pulumi.Input; /** * ARN of the CloudFront function. */ functionArn: pulumi.Input; } export interface DistributionOrderedCacheBehaviorLambdaFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`. */ eventType: pulumi.Input; /** * When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`. */ includeBody?: pulumi.Input; /** * ARN of the Lambda function. */ lambdaArn: pulumi.Input; } export interface DistributionOrigin { /** * Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3. */ connectionAttempts?: pulumi.Input; /** * Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10. */ connectionTimeout?: pulumi.Input; /** * One or more sub-resources with `name` and `value` parameters that specify header data that will be sent to the origin (multiples allowed). */ customHeaders?: pulumi.Input[]>; /** * The CloudFront custom origin configuration information. If an S3 origin is required, use `originAccessControlId` or `s3OriginConfig` instead. */ customOriginConfig?: pulumi.Input; /** * DNS domain name of either the S3 bucket, or web site of your custom origin. */ domainName: pulumi.Input; /** * Unique identifier of a [CloudFront origin access control][8] for this origin. */ originAccessControlId?: pulumi.Input; /** * Unique identifier for the origin. */ originId: pulumi.Input; /** * Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. */ originPath?: pulumi.Input; /** * CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the Amazon CloudFront Developer Guide. */ originShield?: pulumi.Input; /** * CloudFront S3 origin configuration information. If a custom origin is required, use `customOriginConfig` instead. */ s3OriginConfig?: pulumi.Input; } export interface DistributionOriginCustomHeader { name: pulumi.Input; value: pulumi.Input; } export interface DistributionOriginCustomOriginConfig { /** * HTTP port the custom origin listens on. */ httpPort: pulumi.Input; /** * HTTPS port the custom origin listens on. */ httpsPort: pulumi.Input; /** * The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `5`. */ originKeepaliveTimeout?: pulumi.Input; /** * Origin protocol policy to apply to your origin. One of `http-only`, `https-only`, or `match-viewer`. */ originProtocolPolicy: pulumi.Input; /** * The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `30`. */ originReadTimeout?: pulumi.Input; /** * SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of `SSLv3`, `TLSv1`, `TLSv1.1`, and `TLSv1.2`. */ originSslProtocols: pulumi.Input[]>; } export interface DistributionOriginGroup { /** * The failover criteria for when to failover to the secondary origin. */ failoverCriteria: pulumi.Input; /** * Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members. */ members: pulumi.Input[]>; /** * Unique identifier for the origin. */ originId: pulumi.Input; } export interface DistributionOriginGroupFailoverCriteria { /** * List of HTTP status codes for the origin group. */ statusCodes: pulumi.Input[]>; } export interface DistributionOriginGroupMember { /** * Unique identifier for the origin. */ originId: pulumi.Input; } export interface DistributionOriginOriginShield { /** * Whether the distribution is enabled to accept end user requests for content. */ enabled: pulumi.Input; /** * AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2`. */ originShieldRegion?: pulumi.Input; } export interface DistributionOriginS3OriginConfig { /** * The CloudFront origin access identity to associate with the origin. */ originAccessIdentity: pulumi.Input; } export interface DistributionRestrictions { geoRestriction: pulumi.Input; } export interface DistributionRestrictionsGeoRestriction { /** * [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (`whitelist`) or not distribute your content (`blacklist`). If the type is specified as `none` an empty array can be used. */ locations?: pulumi.Input[]>; /** * Method that you want to use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist`. */ restrictionType: pulumi.Input; } export interface DistributionTrustedKeyGroup { /** * Whether the distribution is enabled to accept end user requests for content. */ enabled?: pulumi.Input; /** * List of nested attributes for each trusted signer */ items?: pulumi.Input[]>; } export interface DistributionTrustedKeyGroupItem { /** * ID of the key group that contains the public keys. */ keyGroupId?: pulumi.Input; /** * Set of active CloudFront key pairs associated with the signer account */ keyPairIds?: pulumi.Input[]>; } export interface DistributionTrustedSigner { /** * Whether the distribution is enabled to accept end user requests for content. */ enabled?: pulumi.Input; /** * List of nested attributes for each trusted signer */ items?: pulumi.Input[]>; } export interface DistributionTrustedSignerItem { /** * AWS account ID or `self` */ awsAccountNumber?: pulumi.Input; /** * Set of active CloudFront key pairs associated with the signer account */ keyPairIds?: pulumi.Input[]>; } export interface DistributionViewerCertificate { /** * ARN of the [AWS Certificate Manager](https://aws.amazon.com/certificate-manager/) certificate that you wish to use with this distribution. Specify this, `cloudfrontDefaultCertificate`, or `iamCertificateId`. The ACM certificate must be in US-EAST-1. */ acmCertificateArn?: pulumi.Input; /** * `true` if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, `acmCertificateArn`, or `iamCertificateId`. */ cloudfrontDefaultCertificate?: pulumi.Input; /** * IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, `acmCertificateArn`, or `cloudfrontDefaultCertificate`. */ iamCertificateId?: pulumi.Input; /** * Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if `cloudfrontDefaultCertificate = false`. See all possible values in [this](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) table under "Security policy." Some examples include: `TLSv1.2_2019` and `TLSv1.2_2021`. Default: `TLSv1`. **NOTE**: If you are using a custom certificate (specified with `acmCertificateArn` or `iamCertificateId`), and have specified `sni-only` in `sslSupportMethod`, `TLSv1` or later must be specified. If you have specified `vip` in `sslSupportMethod`, only `SSLv3` or `TLSv1` can be specified. If you have specified `cloudfrontDefaultCertificate`, `TLSv1` must be specified. */ minimumProtocolVersion?: pulumi.Input; /** * How you want CloudFront to serve HTTPS requests. One of `vip` or `sni-only`. Required if you specify `acmCertificateArn` or `iamCertificateId`. **NOTE:** `vip` causes CloudFront to use a dedicated IP address and may incur extra charges. */ sslSupportMethod?: pulumi.Input; } export interface FieldLevelEncryptionConfigContentTypeProfileConfig { /** * Object that contains an attribute `items` that contains the list of configurations for a field-level encryption content type-profile. See Content Type Profile. */ contentTypeProfiles: pulumi.Input; /** * specifies what to do when an unknown content type is provided for the profile. If true, content is forwarded without being encrypted when the content type is unknown. If false (the default), an error is returned when the content type is unknown. */ forwardWhenContentTypeIsUnknown: pulumi.Input; } export interface FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles { items: pulumi.Input[]>; } export interface FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem { /** * he content type for a field-level encryption content type-profile mapping. Valid value is `application/x-www-form-urlencoded`. */ contentType: pulumi.Input; /** * The format for a field-level encryption content type-profile mapping. Valid value is `URLEncoded`. */ format: pulumi.Input; /** * The profile ID for a field-level encryption content type-profile mapping. */ profileId?: pulumi.Input; } export interface FieldLevelEncryptionConfigQueryArgProfileConfig { /** * Flag to set if you want a request to be forwarded to the origin even if the profile specified by the field-level encryption query argument, fle-profile, is unknown. */ forwardWhenQueryArgProfileIsUnknown: pulumi.Input; /** * Object that contains an attribute `items` that contains the list ofrofiles specified for query argument-profile mapping for field-level encryption. see Query Arg Profile. */ queryArgProfiles?: pulumi.Input; } export interface FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles { items?: pulumi.Input[]>; } export interface FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem { /** * The profile ID for a field-level encryption content type-profile mapping. */ profileId: pulumi.Input; /** * Query argument for field-level encryption query argument-profile mapping. */ queryArg: pulumi.Input; } export interface FieldLevelEncryptionProfileEncryptionEntities { items?: pulumi.Input[]>; } export interface FieldLevelEncryptionProfileEncryptionEntitiesItem { /** * Object that contains an attribute `items` that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted. */ fieldPatterns: pulumi.Input; /** * The provider associated with the public key being used for encryption. */ providerId: pulumi.Input; /** * The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns. */ publicKeyId: pulumi.Input; } export interface FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns { items?: pulumi.Input[]>; } export interface MonitoringSubscriptionMonitoringSubscription { /** * A subscription configuration for additional CloudWatch metrics. See below. */ realtimeMetricsSubscriptionConfig: pulumi.Input; } export interface MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig { /** * A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. See below. */ realtimeMetricsSubscriptionStatus: pulumi.Input; } export interface OriginRequestPolicyCookiesConfig { cookieBehavior: pulumi.Input; cookies?: pulumi.Input; } export interface OriginRequestPolicyCookiesConfigCookies { items?: pulumi.Input[]>; } export interface OriginRequestPolicyHeadersConfig { headerBehavior?: pulumi.Input; headers?: pulumi.Input; } export interface OriginRequestPolicyHeadersConfigHeaders { items?: pulumi.Input[]>; } export interface OriginRequestPolicyQueryStringsConfig { queryStringBehavior: pulumi.Input; queryStrings?: pulumi.Input; } export interface OriginRequestPolicyQueryStringsConfigQueryStrings { items?: pulumi.Input[]>; } export interface RealtimeLogConfigEndpoint { /** * The Amazon Kinesis data stream configuration. */ kinesisStreamConfig: pulumi.Input; /** * The type of data stream where real-time log data is sent. The only valid value is `Kinesis`. */ streamType: pulumi.Input; } export interface RealtimeLogConfigEndpointKinesisStreamConfig { /** * The ARN of an IAM role that CloudFront can use to send real-time log data to the Kinesis data stream. * See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) for more information. */ roleArn: pulumi.Input; /** * The ARN of the Kinesis data stream. */ streamArn: pulumi.Input; } export interface ResponseHeadersPolicyCorsConfig { /** * A Boolean value that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header. */ accessControlAllowCredentials: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header. */ accessControlAllowHeaders: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL` */ accessControlAllowMethods: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header. */ accessControlAllowOrigins: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header. */ accessControlExposeHeaders?: pulumi.Input; /** * A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header. */ accessControlMaxAgeSec?: pulumi.Input; /** * A Boolean value that determines how CloudFront behaves for the HTTP response header. */ originOverride: pulumi.Input; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowMethods { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCustomHeadersConfig { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCustomHeadersConfigItem { /** * The HTTP response header name. */ header: pulumi.Input; /** * Whether CloudFront overrides a response header with the same name received from the origin with the header specifies here. */ override: pulumi.Input; /** * The value for the HTTP response header. */ value: pulumi.Input; } export interface ResponseHeadersPolicyRemoveHeadersConfig { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyRemoveHeadersConfigItem { /** * The HTTP response header name. */ header: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfig { /** * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. See Content Security Policy for more information. */ contentSecurityPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff`. See Content Type Options for more information. */ contentTypeOptions?: pulumi.Input; /** * Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header’s value. See Frame Options for more information. */ frameOptions?: pulumi.Input; /** * Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header’s value. See Referrer Policy for more information. */ referrerPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header’s value. See Strict Transport Security for more information. */ strictTransportSecurity?: pulumi.Input; /** * Determine whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header’s value. See XSS Protection for more information. */ xssProtection?: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy { /** * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. */ contentSecurityPolicy: pulumi.Input; /** * Whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions { /** * Whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigFrameOptions { /** * The value of the `X-Frame-Options` HTTP response header. Valid values: `DENY` | `SAMEORIGIN` */ frameOption: pulumi.Input; /** * Whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy { /** * Whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * The value of the `Referrer-Policy` HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url` */ referrerPolicy: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity { /** * A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header. */ accessControlMaxAgeSec: pulumi.Input; /** * Whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header. */ includeSubdomains?: pulumi.Input; /** * Whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * Whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header. */ preload?: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigXssProtection { /** * Whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header. */ modeBlock?: pulumi.Input; /** * Whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * A Boolean value that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true`, the value of the `X-XSS-Protection` header is `1`. When this setting is `false`, the value of the `X-XSS-Protection` header is `0`. */ protection: pulumi.Input; /** * A reporting URI, which CloudFront uses as the value of the report directive in the `X-XSS-Protection` header. You cannot specify a `reportUri` when `modeBlock` is `true`. */ reportUri?: pulumi.Input; } export interface ResponseHeadersPolicyServerTimingHeadersConfig { /** * A Whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. */ enabled: pulumi.Input; /** * A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0. */ samplingRate: pulumi.Input; } } export namespace cloudhsmv2 { export interface ClusterClusterCertificate { awsHardwareCertificate?: pulumi.Input; clusterCertificate?: pulumi.Input; clusterCsr?: pulumi.Input; hsmCertificate?: pulumi.Input; manufacturerHardwareCertificate?: pulumi.Input; } } export namespace cloudsearch { export interface DomainEndpointOptions { /** * Enables or disables the requirement that all requests to the domain arrive over HTTPS. */ enforceHttps?: pulumi.Input; /** * The minimum required TLS version. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DomainEndpointOptions.html) for valid values. */ tlsSecurityPolicy?: pulumi.Input; } export interface DomainIndexField { /** * The analysis scheme you want to use for a `text` field. The analysis scheme specifies the language-specific text processing options that are used during indexing. */ analysisScheme?: pulumi.Input; /** * The default value for the field. This value is used when no value is specified for the field in the document data. */ defaultValue?: pulumi.Input; /** * You can get facet information by enabling this. */ facet?: pulumi.Input; /** * You can highlight information. */ highlight?: pulumi.Input; /** * A unique name for the field. Field names must begin with a letter and be at least 3 and no more than 64 characters long. The allowed characters are: `a`-`z` (lower-case letters), `0`-`9`, and `_` (underscore). The name `score` is reserved and cannot be used as a field name. */ name: pulumi.Input; /** * You can enable returning the value of all searchable fields. */ return?: pulumi.Input; /** * You can set whether this index should be searchable or not. */ search?: pulumi.Input; /** * You can enable the property to be sortable. */ sort?: pulumi.Input; /** * A comma-separated list of source fields to map to the field. Specifying a source field copies data from one field to another, enabling you to use the same source data in different ways by configuring different options for the fields. */ sourceFields?: pulumi.Input; /** * The field type. Valid values: `date`, `date-array`, `double`, `double-array`, `int`, `int-array`, `literal`, `literal-array`, `text`, `text-array`. */ type: pulumi.Input; } export interface DomainScalingParameters { /** * The instance type that you want to preconfigure for your domain. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ScalingParameters.html) for valid values. */ desiredInstanceType?: pulumi.Input; /** * The number of partitions you want to preconfigure for your domain. Only valid when you select `search.2xlarge` as the instance type. */ desiredPartitionCount?: pulumi.Input; /** * The number of replicas you want to preconfigure for each index partition. */ desiredReplicationCount?: pulumi.Input; } } export namespace cloudtrail { export interface EventDataStoreAdvancedEventSelector { /** * Specifies the selector statements in an advanced event selector. Fields documented below. */ fieldSelectors?: pulumi.Input[]>; /** * Specifies the name of the advanced event selector. */ name?: pulumi.Input; } export interface EventDataStoreAdvancedEventSelectorFieldSelector { /** * A list of values that includes events that match the last few characters of the event record field specified as the value of `field`. */ endsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields. */ equals?: pulumi.Input[]>; /** * Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`. */ field?: pulumi.Input; /** * A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`. */ notEndsWiths?: pulumi.Input[]>; /** * A list of values that excludes events that match the exact value of the event record field specified as the value of `field`. */ notEquals?: pulumi.Input[]>; /** * A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`. */ notStartsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the first few characters of the event record field specified as the value of `field`. */ startsWiths?: pulumi.Input[]>; } export interface TrailAdvancedEventSelector { /** * Specifies the selector statements in an advanced event selector. Fields documented below. */ fieldSelectors: pulumi.Input[]>; /** * Name of the trail. */ name?: pulumi.Input; } export interface TrailAdvancedEventSelectorFieldSelector { /** * A list of values that includes events that match the last few characters of the event record field specified as the value of `field`. */ endsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields. */ equals?: pulumi.Input[]>; /** * Field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`. */ field: pulumi.Input; /** * A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`. */ notEndsWiths?: pulumi.Input[]>; /** * A list of values that excludes events that match the exact value of the event record field specified as the value of `field`. */ notEquals?: pulumi.Input[]>; /** * A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`. */ notStartsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the first few characters of the event record field specified as the value of `field`. */ startsWiths?: pulumi.Input[]>; } export interface TrailEventSelector { /** * Configuration block for data events. See details below. */ dataResources?: pulumi.Input[]>; /** * A set of event sources to exclude. Valid values include: `kms.amazonaws.com` and `rdsdata.amazonaws.com`. `includeManagementEvents` must be set to`true` to allow this. */ excludeManagementEventSources?: pulumi.Input[]>; /** * Whether to include management events for your trail. Defaults to `true`. */ includeManagementEvents?: pulumi.Input; /** * Type of events to log. Valid values are `ReadOnly`, `WriteOnly`, `All`. Default value is `All`. */ readWriteType?: pulumi.Input; } export interface TrailEventSelectorDataResource { /** * Resource type in which you want to log data events. You can specify only the following value: "AWS::S3::Object", "AWS::Lambda::Function" and "AWS::DynamoDB::Table". */ type: pulumi.Input; /** * List of ARN strings or partial ARN strings to specify selectors for data audit events over data resources. ARN list is specific to single-valued `type`. For example, `arn:aws:s3:::/` for all objects in a bucket, `arn:aws:s3:::/key` for specific objects, `arn:aws:lambda` for all lambda events within an account, `arn:aws:lambda:::function:` for a specific Lambda function, `arn:aws:dynamodb` for all DDB events for all tables within an account, or `arn:aws:dynamodb:::table/` for a specific DynamoDB table. */ values: pulumi.Input[]>; } export interface TrailInsightSelector { /** * Type of insights to log on a trail. Valid values are: `ApiCallRateInsight` and `ApiErrorRateInsight`. */ insightType: pulumi.Input; } } export namespace cloudwatch { export interface CompositeAlarmActionsSuppressor { /** * Can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm. */ alarm: pulumi.Input; /** * The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions. */ extensionPeriod: pulumi.Input; /** * The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions. */ waitPeriod: pulumi.Input; } export interface EventConnectionAuthParameters { /** * Parameters used for API_KEY authorization. An API key to include in the header for each authentication request. A maximum of 1 are allowed. Conflicts with `basic` and `oauth`. Documented below. */ apiKey?: pulumi.Input; /** * Parameters used for BASIC authorization. A maximum of 1 are allowed. Conflicts with `apiKey` and `oauth`. Documented below. */ basic?: pulumi.Input; /** * Invocation Http Parameters are additional credentials used to sign each Invocation of the ApiDestination created from this Connection. If the ApiDestination Rule Target has additional HttpParameters, the values will be merged together, with the Connection Invocation Http Parameters taking precedence. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below. */ invocationHttpParameters?: pulumi.Input; /** * Parameters used for OAUTH_CLIENT_CREDENTIALS authorization. A maximum of 1 are allowed. Conflicts with `basic` and `apiKey`. Documented below. */ oauth?: pulumi.Input; } export interface EventConnectionAuthParametersApiKey { /** * Header Name. */ key: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value: pulumi.Input; } export interface EventConnectionAuthParametersBasic { /** * A password for the authorization. Created and stored in AWS Secrets Manager. */ password: pulumi.Input; /** * A username for the authorization. */ username: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParameters { /** * Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ bodies?: pulumi.Input[]>; /** * Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ headers?: pulumi.Input[]>; /** * Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ queryStrings?: pulumi.Input[]>; } export interface EventConnectionAuthParametersInvocationHttpParametersBody { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParametersHeader { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParametersQueryString { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauth { /** * The URL to the authorization endpoint. */ authorizationEndpoint: pulumi.Input; /** * Contains the client parameters for OAuth authorization. Contains the following two parameters. */ clientParameters?: pulumi.Input; /** * A password for the authorization. Created and stored in AWS Secrets Manager. */ httpMethod: pulumi.Input; /** * OAuth Http Parameters are additional credentials used to sign the request to the authorization endpoint to exchange the OAuth Client information for an access token. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below. */ oauthHttpParameters: pulumi.Input; } export interface EventConnectionAuthParametersOauthClientParameters { /** * The client ID for the credentials to use for authorization. Created and stored in AWS Secrets Manager. */ clientId: pulumi.Input; /** * The client secret for the credentials to use for authorization. Created and stored in AWS Secrets Manager. */ clientSecret: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParameters { /** * Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ bodies?: pulumi.Input[]>; /** * Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ headers?: pulumi.Input[]>; /** * Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ queryStrings?: pulumi.Input[]>; } export interface EventConnectionAuthParametersOauthOauthHttpParametersBody { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParametersHeader { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParametersQueryString { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * Header Name. */ key?: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value?: pulumi.Input; } export interface EventEndpointEventBus { /** * The ARN of the event bus the endpoint is associated with. */ eventBusArn: pulumi.Input; } export interface EventEndpointReplicationConfig { /** * The state of event replication. Valid values: `ENABLED`, `DISABLED`. The default state is `ENABLED`, which means you must supply a `roleArn`. If you don't have a `roleArn` or you don't want event replication enabled, set `state` to `DISABLED`. */ state?: pulumi.Input; } export interface EventEndpointRoutingConfig { /** * Parameters used for failover. This includes what triggers failover and what happens when it's triggered. Documented below. */ failoverConfig: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfig { /** * Parameters used for the primary Region. Documented below. */ primary: pulumi.Input; /** * Parameters used for the secondary Region, the Region that events are routed to when failover is triggered or event replication is enabled. Documented below. */ secondary: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfigPrimary { /** * The ARN of the health check used by the endpoint to determine whether failover is triggered. */ healthCheck?: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfigSecondary { /** * The name of the secondary Region. */ route?: pulumi.Input; } export interface EventPermissionCondition { /** * Key for the condition. Valid values: `aws:PrincipalOrgID`. */ key: pulumi.Input; /** * Type of condition. Value values: `StringEquals`. */ type: pulumi.Input; /** * Value for the key. */ value: pulumi.Input; } export interface EventTargetBatchTarget { /** * The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000. */ arraySize?: pulumi.Input; /** * The number of times to attempt to retry, if the job fails. Valid values are 1 to 10. */ jobAttempts?: pulumi.Input; /** * The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist. */ jobDefinition: pulumi.Input; /** * The name to use for this execution of the job, if the target is an AWS Batch job. */ jobName: pulumi.Input; } export interface EventTargetDeadLetterConfig { /** * ARN of the SQS queue specified as the target for the dead-letter queue. */ arn?: pulumi.Input; } export interface EventTargetEcsTarget { /** * The capacity provider strategy to use for the task. If a `capacityProviderStrategy` specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below. */ capacityProviderStrategies?: pulumi.Input[]>; /** * Specifies whether to enable Amazon ECS managed tags for the task. */ enableEcsManagedTags?: pulumi.Input; /** * Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * Specifies an ECS task group for the task. The maximum length is 255 characters. */ group?: pulumi.Input; /** * Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: `EC2`, `EXTERNAL`, or `FARGATE`. */ launchType?: pulumi.Input; /** * Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if `launchType` is `FARGATE` because the awsvpc mode is required for Fargate tasks. */ networkConfiguration?: pulumi.Input; /** * An array of placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. */ orderedPlacementStrategies?: pulumi.Input[]>; /** * An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below. */ placementConstraints?: pulumi.Input[]>; /** * Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0`. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see [AWS Fargate Platform Versions](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html). */ platformVersion?: pulumi.Input; /** * Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: `TASK_DEFINITION`. */ propagateTags?: pulumi.Input; /** * A map of tags to assign to ecs resources. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The number of tasks to create based on the TaskDefinition. Defaults to `1`. */ taskCount?: pulumi.Input; /** * The ARN of the task definition to use if the event target is an Amazon ECS cluster. */ taskDefinitionArn: pulumi.Input; } export interface EventTargetEcsTargetCapacityProviderStrategy { /** * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`. */ base?: pulumi.Input; /** * Short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. */ weight?: pulumi.Input; } export interface EventTargetEcsTargetNetworkConfiguration { /** * Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Defaults to `false`. * * For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) */ assignPublicIp?: pulumi.Input; /** * The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * The subnets associated with the task or service. */ subnets: pulumi.Input[]>; } export interface EventTargetEcsTargetOrderedPlacementStrategy { /** * The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host`, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone`. For the `binpack` placement strategy, valid values are `cpu` and `memory`. For the `random` placement strategy, this field is not used. For more information, see [Amazon ECS task placement strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html). */ field?: pulumi.Input; /** * Type of placement strategy. The only valid values at this time are `binpack`, `random` and `spread`. */ type: pulumi.Input; } export interface EventTargetEcsTargetPlacementConstraint { /** * Cluster Query Language expression to apply to the constraint. Does not need to be specified for the `distinctInstance` type. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html). */ expression?: pulumi.Input; /** * Type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`. */ type: pulumi.Input; } export interface EventTargetHttpTarget { /** * Enables you to specify HTTP headers to add to the request. */ headerParameters?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The list of values that correspond sequentially to any path variables in your endpoint ARN (for example `arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*`). */ pathParameterValues?: pulumi.Input[]>; /** * Represents keys/values of query string parameters that are appended to the invoked endpoint. */ queryStringParameters?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface EventTargetInputTransformer { /** * Key value pairs specified in the form of JSONPath (for example, time = $.time) * * You can have as many as 100 key-value pairs. * * You must use JSON dot notation, not bracket notation. * * The keys can't start with "AWS". */ inputPaths?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes. */ inputTemplate: pulumi.Input; } export interface EventTargetKinesisTarget { /** * The JSON path to be extracted from the event and used as the partition key. */ partitionKeyPath?: pulumi.Input; } export interface EventTargetRedshiftTarget { /** * The name of the database. */ database: pulumi.Input; /** * The database user name. */ dbUser?: pulumi.Input; /** * The name or ARN of the secret that enables access to the database. */ secretsManagerArn?: pulumi.Input; /** * The SQL statement text to run. */ sql?: pulumi.Input; /** * The name of the SQL statement. */ statementName?: pulumi.Input; /** * Indicates whether to send an event back to EventBridge after the SQL statement runs. */ withEvent?: pulumi.Input; } export interface EventTargetRetryPolicy { /** * The age in seconds to continue to make retry attempts. */ maximumEventAgeInSeconds?: pulumi.Input; /** * maximum number of retry attempts to make before the request fails */ maximumRetryAttempts?: pulumi.Input; } export interface EventTargetRunCommandTarget { /** * Can be either `tag:tag-key` or `InstanceIds`. */ key: pulumi.Input; /** * If Key is `tag:tag-key`, Values is a list of tag values. If Key is `InstanceIds`, Values is a list of Amazon EC2 instance IDs. */ values: pulumi.Input[]>; } export interface EventTargetSagemakerPipelineTarget { /** * List of Parameter names and values for SageMaker Model Building Pipeline execution. */ pipelineParameterLists?: pulumi.Input[]>; } export interface EventTargetSagemakerPipelineTargetPipelineParameterList { /** * Name of parameter to start execution of a SageMaker Model Building Pipeline. */ name: pulumi.Input; /** * Value of parameter to start execution of a SageMaker Model Building Pipeline. */ value: pulumi.Input; } export interface EventTargetSqsTarget { /** * The FIFO message group ID to use as the target. */ messageGroupId?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatement { /** * Set of at least 1 sensitive data identifiers that you want to mask. Read more in [Types of data that you can protect](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html). */ dataIdentifiers: string[]; /** * Configures the data protection operation applied by this statement. */ operation: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperation; /** * Name of this statement. */ sid?: string; } export interface GetLogDataProtectionPolicyDocumentStatementArgs { /** * Set of at least 1 sensitive data identifiers that you want to mask. Read more in [Types of data that you can protect](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html). */ dataIdentifiers: pulumi.Input[]>; /** * Configures the data protection operation applied by this statement. */ operation: pulumi.Input; /** * Name of this statement. */ sid?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperation { /** * Configures the detection of sensitive data. */ audit?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAudit; /** * Configures the masking of sensitive data. * * > Every policy statement must specify exactly one operation. */ deidentify?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationDeidentify; } export interface GetLogDataProtectionPolicyDocumentStatementOperationArgs { /** * Configures the detection of sensitive data. */ audit?: pulumi.Input; /** * Configures the masking of sensitive data. * * > Every policy statement must specify exactly one operation. */ deidentify?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAudit { /** * Configures destinations to send audit findings to. */ findingsDestination: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditArgs { /** * Configures destinations to send audit findings to. */ findingsDestination: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination { /** * Configures CloudWatch Logs as a findings destination. */ cloudwatchLogs?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs; /** * Configures Kinesis Firehose as a findings destination. */ firehose?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose; /** * Configures S3 as a findings destination. */ s3?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationArgs { /** * Configures CloudWatch Logs as a findings destination. */ cloudwatchLogs?: pulumi.Input; /** * Configures Kinesis Firehose as a findings destination. */ firehose?: pulumi.Input; /** * Configures S3 as a findings destination. */ s3?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs { /** * Name of the CloudWatch Log Group to send findings to. */ logGroup: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogsArgs { /** * Name of the CloudWatch Log Group to send findings to. */ logGroup: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose { /** * Name of the Kinesis Firehose Delivery Stream to send findings to. */ deliveryStream: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehoseArgs { /** * Name of the Kinesis Firehose Delivery Stream to send findings to. */ deliveryStream: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3 { /** * Name of the S3 Bucket to send findings to. */ bucket: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3Args { /** * Name of the S3 Bucket to send findings to. */ bucket: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentify { /** * An empty object that configures masking. */ maskConfig: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyArgs { /** * An empty object that configures masking. */ maskConfig: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig { } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfigArgs { } export interface InternetMonitorHealthEventsConfig { /** * The health event threshold percentage set for availability scores. */ availabilityScoreThreshold?: pulumi.Input; /** * The health event threshold percentage set for performance scores. */ performanceScoreThreshold?: pulumi.Input; } export interface InternetMonitorInternetMeasurementsLogDelivery { s3Config?: pulumi.Input; } export interface InternetMonitorInternetMeasurementsLogDeliveryS3Config { bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; logDeliveryStatus?: pulumi.Input; } export interface LogMetricFilterMetricTransformation { /** * The value to emit when a filter pattern does not match a log event. Conflicts with `dimensions`. */ defaultValue?: pulumi.Input; /** * Map of fields to use as dimensions for the metric. Up to 3 dimensions are allowed. Conflicts with `defaultValue`. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The name of the CloudWatch metric to which the monitored log information should be published (e.g., `ErrorCount`) */ name: pulumi.Input; /** * The destination namespace of the CloudWatch metric. */ namespace: pulumi.Input; /** * The unit to assign to the metric. If you omit this, the unit is set as `None`. */ unit?: pulumi.Input; /** * What to publish to the metric. For example, if you're counting the occurrences of a particular term like "Error", the value will be "1" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event. */ value: pulumi.Input; } export interface MetricAlarmMetricQuery { /** * The ID of the account where the metrics are located, if this is a cross-account alarm. */ accountId?: pulumi.Input; /** * The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the id of the other metrics to refer to those metrics, and can also use the id of other expressions to use the result of those expressions. For more information about metric math expressions, see Metric Math Syntax and Functions in the [Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax). */ expression?: pulumi.Input; /** * A short name used to tie this object to the results in the response. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter. */ id: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. */ label?: pulumi.Input; /** * The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data. */ metric?: pulumi.Input; /** * Granularity in seconds of returned data points. * For metrics with regular resolution, valid values are any multiple of `60`. * For high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`. */ period?: pulumi.Input; /** * Specify exactly one `metricQuery` to be `true` to use that `metricQuery` result as the alarm. * * > **NOTE:** You must specify either `metric` or `expression`. Not both. */ returnData?: pulumi.Input; } export interface MetricAlarmMetricQueryMetric { /** * The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The name for this metric. * See docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ metricName: pulumi.Input; /** * The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html). * See docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ namespace?: pulumi.Input; /** * Granularity in seconds of returned data points. * For metrics with regular resolution, valid values are any multiple of `60`. * For high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`. */ period: pulumi.Input; /** * The statistic to apply to this metric. * See docs for [supported statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html). */ stat: pulumi.Input; /** * The unit for this metric. */ unit?: pulumi.Input; } export interface MetricStreamExcludeFilter { /** * An array that defines the metrics you want to exclude for this metric namespace */ metricNames?: pulumi.Input[]>; /** * Name of the metric namespace in the filter. */ namespace: pulumi.Input; } export interface MetricStreamIncludeFilter { /** * An array that defines the metrics you want to include for this metric namespace */ metricNames?: pulumi.Input[]>; /** * Name of the metric namespace in the filter. */ namespace: pulumi.Input; } export interface MetricStreamStatisticsConfiguration { /** * The additional statistics to stream for the metrics listed in `includeMetrics`. */ additionalStatistics: pulumi.Input[]>; /** * An array that defines the metrics that are to have additional statistics streamed. See details below. */ includeMetrics: pulumi.Input[]>; } export interface MetricStreamStatisticsConfigurationIncludeMetric { /** * The name of the metric. */ metricName: pulumi.Input; /** * Name of the metric namespace in the filter. */ namespace: pulumi.Input; } } export namespace codeartifact { export interface RepositoryExternalConnections { /** * The name of the external connection associated with a repository. */ externalConnectionName: pulumi.Input; packageFormat?: pulumi.Input; status?: pulumi.Input; } export interface RepositoryUpstream { /** * The name of an upstream repository. */ repositoryName: pulumi.Input; } } export namespace codebuild { export interface ProjectArtifacts { /** * Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification. */ artifactIdentifier?: pulumi.Input; /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored. If `type` is set to `S3`, this is the name of the output bucket. */ location?: pulumi.Input; /** * Name of the project. If `type` is set to `S3`, this is the name of the output artifact object */ name?: pulumi.Input; /** * Namespace to use in storing build artifacts. If `type` is set to `S3`, then valid values are `BUILD_ID`, `NONE`. */ namespaceType?: pulumi.Input; /** * Whether a name specified in the build specification overrides the artifact name. */ overrideArtifactName?: pulumi.Input; /** * Type of build output artifact to create. If `type` is set to `S3`, valid values are `NONE`, `ZIP` */ packaging?: pulumi.Input; /** * If `type` is set to `S3`, this is the path to the output artifact. */ path?: pulumi.Input; /** * Build output artifact's type. Valid values: `CODEPIPELINE`, `NO_ARTIFACTS`, `S3`. */ type: pulumi.Input; } export interface ProjectBuildBatchConfig { /** * Specifies if the build artifacts for the batch build should be combined into a single artifact location. */ combineArtifacts?: pulumi.Input; /** * Configuration block specifying the restrictions for the batch build. Detailed below. */ restrictions?: pulumi.Input; /** * Specifies the service role ARN for the batch build project. */ serviceRole: pulumi.Input; /** * Specifies the maximum amount of time, in minutes, that the batch build must be completed in. */ timeoutInMins?: pulumi.Input; } export interface ProjectBuildBatchConfigRestrictions { /** * An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the AWS CodeBuild User Guide for these values. */ computeTypesAlloweds?: pulumi.Input[]>; /** * Specifies the maximum number of builds allowed. */ maximumBuildsAllowed?: pulumi.Input; } export interface ProjectCache { /** * Location where the AWS CodeBuild project stores cached resources. For type `S3`, the value must be a valid S3 bucket name/prefix. */ location?: pulumi.Input; /** * Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: `LOCAL_SOURCE_CACHE`, `LOCAL_DOCKER_LAYER_CACHE`, `LOCAL_CUSTOM_CACHE`. */ modes?: pulumi.Input[]>; /** * Type of storage that will be used for the AWS CodeBuild project cache. Valid values: `NO_CACHE`, `LOCAL`, `S3`. Defaults to `NO_CACHE`. */ type?: pulumi.Input; } export interface ProjectEnvironment { /** * ARN of the S3 bucket, path prefix and object key that contains the PEM-encoded certificate. */ certificate?: pulumi.Input; /** * Information about the compute resources the build project will use. Valid values: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE`, `BUILD_GENERAL1_2XLARGE`. `BUILD_GENERAL1_SMALL` is only valid if `type` is set to `LINUX_CONTAINER`. When `type` is set to `LINUX_GPU_CONTAINER`, `computeType` must be `BUILD_GENERAL1_LARGE`. */ computeType: pulumi.Input; /** * Configuration block. Detailed below. */ environmentVariables?: pulumi.Input[]>; /** * Docker image to use for this build project. Valid values include [Docker images provided by CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html) (e.g `aws/codebuild/amazonlinux2-x86_64-standard:4.0`), [Docker Hub images](https://hub.docker.com/) (e.g., `pulumi/pulumi:latest`), and full Docker repository URIs such as those for ECR (e.g., `137112412989.dkr.ecr.us-west-2.amazonaws.com/amazonlinux:latest`). */ image: pulumi.Input; /** * Type of credentials AWS CodeBuild uses to pull images in your build. Valid values: `CODEBUILD`, `SERVICE_ROLE`. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CodeBuild credentials. Defaults to `CODEBUILD`. */ imagePullCredentialsType?: pulumi.Input; /** * Whether to enable running the Docker daemon inside a Docker container. Defaults to `false`. */ privilegedMode?: pulumi.Input; /** * Configuration block. Detailed below. */ registryCredential?: pulumi.Input; /** * Type of environment variable. Valid values: `PARAMETER_STORE`, `PLAINTEXT`, `SECRETS_MANAGER`. */ type: pulumi.Input; } export interface ProjectEnvironmentEnvironmentVariable { /** * Project's name. */ name: pulumi.Input; /** * Build output artifact's type. Valid values: `CODEPIPELINE`, `NO_ARTIFACTS`, `S3`. */ type?: pulumi.Input; /** * Environment variable's value. */ value: pulumi.Input; } export interface ProjectEnvironmentRegistryCredential { /** * ARN or name of credentials created using AWS Secrets Manager. */ credential: pulumi.Input; /** * Service that created the credentials to access a private Docker registry. Valid value: `SECRETS_MANAGER` (AWS Secrets Manager). */ credentialProvider: pulumi.Input; } export interface ProjectFileSystemLocation { /** * The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD\_. For example, if you specify my-efs for identifier, a new environment variable is create named CODEBUILD_MY-EFS. */ identifier?: pulumi.Input; /** * A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path`. */ location?: pulumi.Input; /** * The mount options for a file system created by AWS EFS. */ mountOptions?: pulumi.Input; /** * The location in the container where you mount the file system. */ mountPoint?: pulumi.Input; /** * The type of the file system. The one supported type is `EFS`. */ type?: pulumi.Input; } export interface ProjectLogsConfig { /** * Configuration block. Detailed below. */ cloudwatchLogs?: pulumi.Input; /** * Configuration block. Detailed below. */ s3Logs?: pulumi.Input; } export interface ProjectLogsConfigCloudwatchLogs { /** * Group name of the logs in CloudWatch Logs. */ groupName?: pulumi.Input; /** * Current status of logs in CloudWatch Logs for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `ENABLED`. */ status?: pulumi.Input; /** * Stream name of the logs in CloudWatch Logs. */ streamName?: pulumi.Input; } export interface ProjectLogsConfigS3Logs { /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored. If `type` is set to `S3`, this is the name of the output bucket. */ location?: pulumi.Input; /** * Current status of logs in CloudWatch Logs for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `ENABLED`. */ status?: pulumi.Input; } export interface ProjectSecondaryArtifact { /** * Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification. */ artifactIdentifier: pulumi.Input; /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. The CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output bucket. If `path` is not specified, `location` can specify the path of the output artifact in the output bucket. */ location?: pulumi.Input; /** * Name of the project. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output artifact object. */ name?: pulumi.Input; /** * Namespace to use in storing build artifacts. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `BUILD_ID` or `NONE`. */ namespaceType?: pulumi.Input; /** * Whether a name specified in the build specification overrides the artifact name. */ overrideArtifactName?: pulumi.Input; /** * Type of build output artifact to create. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `NONE` or `ZIP`. */ packaging?: pulumi.Input; /** * Along with `namespaceType` and `name`, the pattern that AWS CodeBuild uses to name and store the output artifact. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the path to the output artifact. */ path?: pulumi.Input; /** * Build output artifact's type. Valid values `CODEPIPELINE`, `NO_ARTIFACTS`, and `S3`. */ type: pulumi.Input; } export interface ProjectSecondarySource { /** * Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB`, `GITHUB_ENTERPRISE`, or `BITBUCKET`. `buildStatusConfig` blocks are documented below. */ buildStatusConfig?: pulumi.Input; /** * The build spec declaration to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. It can either be a path to a file residing in the repository to be built or a local file path leveraging the `file()` built-in. */ buildspec?: pulumi.Input; /** * Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details. */ gitCloneDepth?: pulumi.Input; /** * Configuration block. Detailed below. */ gitSubmodulesConfig?: pulumi.Input; /** * Ignore SSL warnings when connecting to source control. */ insecureSsl?: pulumi.Input; /** * Location of the source code from git or s3. */ location?: pulumi.Input; /** * Whether to report the status of a build's start and finish to your source provider. This option is only valid when your source provider is `GITHUB`, `BITBUCKET`, or `GITHUB_ENTERPRISE`. */ reportBuildStatus?: pulumi.Input; /** * An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. */ sourceIdentifier: pulumi.Input; /** * Type of repository that contains the source code to be built. Valid values: `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `BITBUCKET` or `S3`. */ type: pulumi.Input; } export interface ProjectSecondarySourceBuildStatusConfig { /** * Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ context?: pulumi.Input; /** * Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ targetUrl?: pulumi.Input; } export interface ProjectSecondarySourceGitSubmodulesConfig { /** * Whether to fetch Git submodules for the AWS CodeBuild build project. */ fetchSubmodules: pulumi.Input; } export interface ProjectSecondarySourceVersion { /** * An identifier for a source in the build project. */ sourceIdentifier: pulumi.Input; /** * The source version for the corresponding source identifier. See [AWS docs](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectSourceVersion.html#CodeBuild-Type-ProjectSourceVersion-sourceVersion) for more details. */ sourceVersion: pulumi.Input; } export interface ProjectSource { /** * Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB`, `GITHUB_ENTERPRISE`, or `BITBUCKET`. `buildStatusConfig` blocks are documented below. */ buildStatusConfig?: pulumi.Input; /** * Build specification to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. */ buildspec?: pulumi.Input; /** * Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details. */ gitCloneDepth?: pulumi.Input; /** * Configuration block. Detailed below. */ gitSubmodulesConfig?: pulumi.Input; /** * Ignore SSL warnings when connecting to source control. */ insecureSsl?: pulumi.Input; /** * Location of the source code from git or s3. */ location?: pulumi.Input; /** * Whether to report the status of a build's start and finish to your source provider. This option is only valid when the `type` is `BITBUCKET` or `GITHUB`. */ reportBuildStatus?: pulumi.Input; /** * Type of repository that contains the source code to be built. Valid values: `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `BITBUCKET`, `S3`, `NO_SOURCE`. */ type: pulumi.Input; } export interface ProjectSourceBuildStatusConfig { /** * Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ context?: pulumi.Input; /** * Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ targetUrl?: pulumi.Input; } export interface ProjectSourceGitSubmodulesConfig { /** * Whether to fetch Git submodules for the AWS CodeBuild build project. */ fetchSubmodules: pulumi.Input; } export interface ProjectVpcConfig { /** * Security group IDs to assign to running builds. */ securityGroupIds: pulumi.Input[]>; /** * Subnet IDs within which to run builds. */ subnets: pulumi.Input[]>; /** * ID of the VPC within which to run builds. */ vpcId: pulumi.Input; } export interface ReportGroupExportConfig { /** * contains information about the S3 bucket where the run of a report is exported. see S3 Destination documented below. */ s3Destination?: pulumi.Input; /** * The export configuration type. Valid values are `S3` and `NO_EXPORT`. */ type: pulumi.Input; } export interface ReportGroupExportConfigS3Destination { /** * The name of the S3 bucket where the raw data of a report are exported. */ bucket: pulumi.Input; /** * A boolean value that specifies if the results of a report are encrypted. * **Note: the API does not currently allow setting encryption as disabled** */ encryptionDisabled?: pulumi.Input; /** * The encryption key for the report's encrypted raw data. The KMS key ARN. */ encryptionKey: pulumi.Input; /** * The type of build output artifact to create. Valid values are: `NONE` (default) and `ZIP`. */ packaging?: pulumi.Input; /** * The path to the exported report's raw data results. */ path?: pulumi.Input; } export interface WebhookFilterGroup { /** * A webhook filter for the group. Filter blocks are documented below. */ filters?: pulumi.Input[]>; } export interface WebhookFilterGroupFilter { /** * If set to `true`, the specified filter does *not* trigger a build. Defaults to `false`. */ excludeMatchedPattern?: pulumi.Input; /** * For a filter that uses `EVENT` type, a comma-separated string that specifies one event: `PUSH`, `PULL_REQUEST_CREATED`, `PULL_REQUEST_UPDATED`, `PULL_REQUEST_REOPENED`. `PULL_REQUEST_MERGED` works with GitHub & GitHub Enterprise only. For a filter that uses any of the other filter types, a regular expression. */ pattern: pulumi.Input; /** * The webhook filter group's type. Valid values for this parameter are: `EVENT`, `BASE_REF`, `HEAD_REF`, `ACTOR_ACCOUNT_ID`, `FILE_PATH`, `COMMIT_MESSAGE`. At least one filter group must specify `EVENT` as its type. */ type: pulumi.Input; } } export namespace codecatalyst { export interface DevEnvironmentIdes { /** * The name of the IDE. Valid values include Cloud9, IntelliJ, PyCharm, GoLand, and VSCode. */ name?: pulumi.Input; /** * A link to the IDE runtime image. This parameter is not required if the name is VSCode. Values of the runtime can be for example public.ecr.aws/jetbrains/py,public.ecr.aws/jetbrains/go */ runtime?: pulumi.Input; } export interface DevEnvironmentPersistentStorage { /** * The size of the persistent storage in gigabytes (specifically GiB). Valid values for storage are based on memory sizes in 16GB increments. Valid values are 16, 32, and 64. */ size: pulumi.Input; } export interface DevEnvironmentRepository { /** * The name of the branch in a source repository. * * persistent storage (` persistentStorage`) supports the following: */ branchName?: pulumi.Input; /** * The name of the source repository. */ repositoryName: pulumi.Input; } export interface GetDevEnvironmentRepository { branchName?: string; repositoryName?: string; } export interface GetDevEnvironmentRepositoryArgs { branchName?: pulumi.Input; repositoryName?: pulumi.Input; } } export namespace codecommit { export interface TriggerTrigger { /** * The branches that will be included in the trigger configuration. If no branches are specified, the trigger will apply to all branches. */ branches?: pulumi.Input[]>; /** * Any custom data associated with the trigger that will be included in the information sent to the target of the trigger. */ customData?: pulumi.Input; /** * The ARN of the resource that is the target for a trigger. For example, the ARN of a topic in Amazon Simple Notification Service (SNS). */ destinationArn: pulumi.Input; /** * The repository events that will cause the trigger to run actions in another service, such as sending a notification through Amazon Simple Notification Service (SNS). If no events are specified, the trigger will run for all repository events. Event types include: `all`, `updateReference`, `createReference`, `deleteReference`. */ events: pulumi.Input[]>; /** * The name of the trigger. */ name: pulumi.Input; } } export namespace codedeploy { export interface DeploymentConfigMinimumHealthyHosts { /** * The type can either be `FLEET_PERCENT` or `HOST_COUNT`. */ type?: pulumi.Input; /** * The value when the type is `FLEET_PERCENT` represents the minimum number of healthy instances as * a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the * deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances. * When the type is `HOST_COUNT`, the value represents the minimum number of healthy instances as an absolute value. */ value?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfig { /** * The time based canary configuration information. If `type` is `TimeBasedLinear`, use `timeBasedLinear` instead. */ timeBasedCanary?: pulumi.Input; /** * The time based linear configuration information. If `type` is `TimeBasedCanary`, use `timeBasedCanary` instead. */ timeBasedLinear?: pulumi.Input; /** * Type of traffic routing config. One of `TimeBasedCanary`, `TimeBasedLinear`, `AllAtOnce`. */ type?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfigTimeBasedCanary { /** * The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment. */ interval?: pulumi.Input; /** * The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment. */ percentage?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfigTimeBasedLinear { /** * The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment. */ interval?: pulumi.Input; /** * The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment. */ percentage?: pulumi.Input; } export interface DeploymentGroupAlarmConfiguration { /** * A list of alarms configured for the deployment group. _A maximum of 10 alarms can be added to a deployment group_. */ alarms?: pulumi.Input[]>; /** * Indicates whether the alarm configuration is enabled. This option is useful when you want to temporarily deactivate alarm monitoring for a deployment group without having to add the same alarms again later. */ enabled?: pulumi.Input; /** * Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from CloudWatch. The default value is `false`. */ ignorePollAlarmFailure?: pulumi.Input; } export interface DeploymentGroupAutoRollbackConfiguration { /** * Indicates whether a defined automatic rollback configuration is currently enabled for this Deployment Group. If you enable automatic rollback, you must specify at least one event type. */ enabled?: pulumi.Input; /** * The event type or types that trigger a rollback. Supported types are `DEPLOYMENT_FAILURE` and `DEPLOYMENT_STOP_ON_ALARM`. * * _Only one `autoRollbackConfiguration` is allowed_. */ events?: pulumi.Input[]>; } export interface DeploymentGroupBlueGreenDeploymentConfig { /** * Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment (documented below). */ deploymentReadyOption?: pulumi.Input; /** * Information about how instances are provisioned for a replacement environment in a blue/green deployment (documented below). */ greenFleetProvisioningOption?: pulumi.Input; /** * Information about whether to terminate instances in the original fleet during a blue/green deployment (documented below). * * _Only one `blueGreenDeploymentConfig` is allowed_. */ terminateBlueInstancesOnDeploymentSuccess?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption { /** * When to reroute traffic from an original environment to a replacement environment in a blue/green deployment. */ actionOnTimeout?: pulumi.Input; /** * The number of minutes to wait before the status of a blue/green deployment changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout`. */ waitTimeInMinutes?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption { /** * The method used to add instances to a replacement environment. */ action?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess { /** * The action to take on instances in the original environment after a successful blue/green deployment. */ action?: pulumi.Input; /** * The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. */ terminationWaitTimeInMinutes?: pulumi.Input; } export interface DeploymentGroupDeploymentStyle { /** * Indicates whether to route deployment traffic behind a load balancer. Valid Values are `WITH_TRAFFIC_CONTROL` or `WITHOUT_TRAFFIC_CONTROL`. Default is `WITHOUT_TRAFFIC_CONTROL`. */ deploymentOption?: pulumi.Input; /** * Indicates whether to run an in-place deployment or a blue/green deployment. Valid Values are `IN_PLACE` or `BLUE_GREEN`. Default is `IN_PLACE`. * * _Only one `deploymentStyle` is allowed_. */ deploymentType?: pulumi.Input; } export interface DeploymentGroupEc2TagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. * * Multiple occurrences of `ec2TagFilter` are allowed, where any instance that matches to at least one of the tag filters is selected. */ value?: pulumi.Input; } export interface DeploymentGroupEc2TagSet { /** * Tag filters associated with the deployment group. See the AWS docs for details. */ ec2TagFilters?: pulumi.Input[]>; } export interface DeploymentGroupEc2TagSetEc2TagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. * * Multiple occurrences of `ec2TagFilter` are allowed, where any instance that matches to at least one of the tag filters is selected. */ value?: pulumi.Input; } export interface DeploymentGroupEcsService { /** * The name of the ECS cluster. */ clusterName: pulumi.Input; /** * The name of the ECS service. */ serviceName: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfo { /** * The Classic Elastic Load Balancer to use in a deployment. Conflicts with `targetGroupInfo` and `targetGroupPairInfo`. */ elbInfos?: pulumi.Input[]>; /** * The (Application/Network Load Balancer) target group to use in a deployment. Conflicts with `elbInfo` and `targetGroupPairInfo`. */ targetGroupInfos?: pulumi.Input[]>; /** * The (Application/Network Load Balancer) target group pair to use in a deployment. Conflicts with `elbInfo` and `targetGroupInfo`. */ targetGroupPairInfo?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoElbInfo { /** * The name of the load balancer that will be used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. */ name?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupInfo { /** * The name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. */ name?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfo { /** * Configuration block for the production traffic route (documented below). */ prodTrafficRoute: pulumi.Input; /** * Configuration blocks for a target group within a target group pair (documented below). */ targetGroups: pulumi.Input[]>; /** * Configuration block for the test traffic route (documented below). */ testTrafficRoute?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute { /** * List of Amazon Resource Names (ARNs) of the load balancer listeners. Must contain exactly one listener ARN. */ listenerArns: pulumi.Input[]>; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup { /** * Name of the target group. */ name: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute { /** * List of Amazon Resource Names (ARNs) of the load balancer listeners. */ listenerArns: pulumi.Input[]>; } export interface DeploymentGroupOnPremisesInstanceTagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. */ value?: pulumi.Input; } export interface DeploymentGroupTriggerConfiguration { /** * The event type or types for which notifications are triggered. Some values that are supported: `DeploymentStart`, `DeploymentSuccess`, `DeploymentFailure`, `DeploymentStop`, `DeploymentRollback`, `InstanceStart`, `InstanceSuccess`, `InstanceFailure`. See [the CodeDeploy documentation](http://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-sns-event-notifications-create-trigger.html) for all possible values. */ triggerEvents: pulumi.Input[]>; /** * The name of the notification trigger. */ triggerName: pulumi.Input; /** * The ARN of the SNS topic through which notifications are sent. */ triggerTargetArn: pulumi.Input; } } export namespace codegurureviewer { export interface RepositoryAssociationKmsKeyDetails { /** * The encryption option for a repository association. It is either owned by AWS Key Management Service (KMS) (`AWS_OWNED_CMK`) or customer managed (`CUSTOMER_MANAGED_CMK`). */ encryptionOption?: pulumi.Input; /** * The ID of the AWS KMS key that is associated with a repository association. */ kmsKeyId?: pulumi.Input; } export interface RepositoryAssociationRepository { bitbucket?: pulumi.Input; codecommit?: pulumi.Input; githubEnterpriseServer?: pulumi.Input; s3Bucket?: pulumi.Input; } export interface RepositoryAssociationRepositoryBitbucket { /** * The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. */ connectionArn: pulumi.Input; /** * The name of the third party source repository. */ name: pulumi.Input; /** * The username for the account that owns the repository. */ owner: pulumi.Input; } export interface RepositoryAssociationRepositoryCodecommit { /** * The name of the AWS CodeCommit repository. */ name: pulumi.Input; } export interface RepositoryAssociationRepositoryGithubEnterpriseServer { /** * The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. */ connectionArn: pulumi.Input; /** * The name of the third party source repository. */ name: pulumi.Input; /** * The username for the account that owns the repository. */ owner: pulumi.Input; } export interface RepositoryAssociationRepositoryS3Bucket { /** * The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`. */ bucketName: pulumi.Input; /** * The name of the third party source repository. */ name: pulumi.Input; } export interface RepositoryAssociationS3RepositoryDetail { /** * The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`. */ bucketName?: pulumi.Input; codeArtifacts?: pulumi.Input[]>; } export interface RepositoryAssociationS3RepositoryDetailCodeArtifact { buildArtifactsObjectKey?: pulumi.Input; sourceCodeArtifactsObjectKey?: pulumi.Input; } } export namespace codepipeline { export interface CustomActionTypeConfigurationProperty { /** * The description of the action configuration property. */ description?: pulumi.Input; /** * Whether the configuration property is a key. */ key: pulumi.Input; /** * The name of the action configuration property. */ name: pulumi.Input; /** * Indicates that the property will be used in conjunction with PollForJobs. */ queryable?: pulumi.Input; /** * Whether the configuration property is a required value. */ required: pulumi.Input; /** * Whether the configuration property is secret. */ secret: pulumi.Input; /** * The type of the configuration property. Valid values: `String`, `Number`, `Boolean` */ type?: pulumi.Input; } export interface CustomActionTypeInputArtifactDetails { /** * The maximum number of artifacts allowed for the action type. Min: 0, Max: 5 */ maximumCount: pulumi.Input; /** * The minimum number of artifacts allowed for the action type. Min: 0, Max: 5 */ minimumCount: pulumi.Input; } export interface CustomActionTypeOutputArtifactDetails { /** * The maximum number of artifacts allowed for the action type. Min: 0, Max: 5 */ maximumCount: pulumi.Input; /** * The minimum number of artifacts allowed for the action type. Min: 0, Max: 5 */ minimumCount: pulumi.Input; } export interface CustomActionTypeSettings { /** * The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system. */ entityUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system. */ executionUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action. */ revisionUrlTemplate?: pulumi.Input; /** * The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service. */ thirdPartyConfigurationUrl?: pulumi.Input; } export interface PipelineArtifactStore { /** * The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An `encryptionKey` block is documented below. */ encryptionKey?: pulumi.Input; /** * The location where AWS CodePipeline stores artifacts for a pipeline; currently only `S3` is supported. */ location: pulumi.Input; /** * The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline. */ region?: pulumi.Input; /** * The type of the artifact store, such as Amazon S3 */ type: pulumi.Input; } export interface PipelineArtifactStoreEncryptionKey { /** * The KMS key ARN or ID */ id: pulumi.Input; /** * The type of key; currently only `KMS` is supported */ type: pulumi.Input; } export interface PipelineStage { /** * The action(s) to include in the stage. Defined as an `action` block below */ actions: pulumi.Input[]>; /** * The name of the stage. */ name: pulumi.Input; } export interface PipelineStageAction { /** * A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are `Approval`, `Build`, `Deploy`, `Invoke`, `Source` and `Test`. */ category: pulumi.Input; /** * A map of the action declaration's configuration. Configurations options for action types and providers can be found in the [Pipeline Structure Reference](http://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) and [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation. */ configuration?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * A list of artifact names to be worked on. */ inputArtifacts?: pulumi.Input[]>; /** * The action declaration's name. */ name: pulumi.Input; /** * The namespace all output variables will be accessed from. * * > **Note:** The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions. */ namespace?: pulumi.Input; /** * A list of artifact names to output. Output artifact names must be unique within a pipeline. */ outputArtifacts?: pulumi.Input[]>; /** * The creator of the action being called. Possible values are `AWS`, `Custom` and `ThirdParty`. */ owner: pulumi.Input; /** * The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation. */ provider: pulumi.Input; /** * The region in which to run the action. */ region?: pulumi.Input; /** * The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline. */ roleArn?: pulumi.Input; /** * The order in which actions are run. */ runOrder?: pulumi.Input; /** * A string that identifies the action type. */ version: pulumi.Input; } export interface WebhookAuthenticationConfiguration { /** * A valid CIDR block for `IP` filtering. Required for `IP`. */ allowedIpRange?: pulumi.Input; /** * The shared secret for the GitHub repository webhook. Set this as `secret` in your `githubRepositoryWebhook`'s `configuration` block. Required for `GITHUB_HMAC`. */ secretToken?: pulumi.Input; } export interface WebhookFilter { /** * The [JSON path](https://github.com/json-path/JsonPath) to filter on. */ jsonPath: pulumi.Input; /** * The value to match on (e.g., `refs/heads/{Branch}`). See [AWS docs](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_WebhookFilterRule.html) for details. */ matchEquals: pulumi.Input; } } export namespace codestarconnections { export interface HostVpcConfiguration { /** * ID of the security group or security groups associated with the Amazon VPC connected to the infrastructure where your provider type is installed. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnet or subnets associated with the Amazon VPC connected to the infrastructure where your provider type is installed. */ subnetIds: pulumi.Input[]>; /** * The value of the Transport Layer Security (TLS) certificate associated with the infrastructure where your provider type is installed. */ tlsCertificate?: pulumi.Input; /** * The ID of the Amazon VPC connected to the infrastructure where your provider type is installed. */ vpcId: pulumi.Input; } } export namespace codestarnotifications { export interface NotificationRuleTarget { /** * The ARN of notification rule target. For example, a SNS Topic ARN. */ address: pulumi.Input; /** * The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`. */ status?: pulumi.Input; /** * The type of the notification target. Default value is `SNS`. */ type?: pulumi.Input; } } export namespace cognito { export interface IdentityPoolCognitoIdentityProvider { /** * The client ID for the Amazon Cognito Identity User Pool. */ clientId?: pulumi.Input; /** * The provider name for an Amazon Cognito Identity User Pool. */ providerName?: pulumi.Input; /** * Whether server-side token validation is enabled for the identity provider’s token or not. */ serverSideTokenCheck?: pulumi.Input; } export interface IdentityPoolRoleAttachmentRoleMapping { /** * Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type. `Required` if you specify Token or Rules as the Type. */ ambiguousRoleResolution?: pulumi.Input; /** * A string identifying the identity provider, for example, "graph.facebook.com" or "cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id". Depends on `cognitoIdentityProviders` set on `aws.cognito.IdentityPool` resource or a `aws.cognito.IdentityProvider` resource. */ identityProvider: pulumi.Input; /** * The Rules Configuration to be used for mapping users to roles. You can specify up to 25 rules per identity provider. Rules are evaluated in order. The first one to match specifies the role. */ mappingRules?: pulumi.Input[]>; /** * The role mapping type. */ type: pulumi.Input; } export interface IdentityPoolRoleAttachmentRoleMappingMappingRule { /** * The claim name that must be present in the token, for example, "isAdmin" or "paid". */ claim: pulumi.Input; /** * The match condition that specifies how closely the claim value in the IdP token must match Value. */ matchType: pulumi.Input; /** * The role ARN. */ roleArn: pulumi.Input; /** * A brief string that the claim must match, for example, "paid" or "yes". */ value: pulumi.Input; } export interface ManagedUserPoolClientAnalyticsConfiguration { /** * Application ARN for an Amazon Pinpoint application. It conflicts with `externalId` and `roleArn`. */ applicationArn?: pulumi.Input; /** * Unique identifier for an Amazon Pinpoint application. */ applicationId?: pulumi.Input; /** * ID for the Analytics Configuration and conflicts with `applicationArn`. */ externalId?: pulumi.Input; /** * ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. It conflicts with `applicationArn`. */ roleArn?: pulumi.Input; /** * If `userDataShared` is set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics. */ userDataShared?: pulumi.Input; } export interface ManagedUserPoolClientTokenValidityUnits { /** * Time unit for the value in `accessTokenValidity` and defaults to `hours`. */ accessToken?: pulumi.Input; /** * Time unit for the value in `idTokenValidity`, and it defaults to `hours`. */ idToken?: pulumi.Input; /** * Time unit for the value in `refreshTokenValidity` and defaults to `days`. */ refreshToken?: pulumi.Input; } export interface ResourceServerScope { /** * The scope description. */ scopeDescription: pulumi.Input; /** * The scope name. */ scopeName: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfiguration { /** * Account takeover risk configuration actions. See details below. */ actions: pulumi.Input; /** * The notify configuration used to construct email notifications. See details below. */ notifyConfiguration: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActions { /** * Action to take for a high risk. See action block below. */ highAction?: pulumi.Input; /** * Action to take for a low risk. See action block below. */ lowAction?: pulumi.Input; /** * Action to take for a medium risk. See action block below. */ mediumAction?: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction { /** * The action to take in response to the account takeover action. Valid values are `BLOCK`, `MFA_IF_CONFIGURED`, `MFA_REQUIRED` and `NO_ACTION`. */ eventAction: pulumi.Input; notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction { /** * The action to take in response to the account takeover action. Valid values are `BLOCK`, `MFA_IF_CONFIGURED`, `MFA_REQUIRED` and `NO_ACTION`. */ eventAction: pulumi.Input; notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction { /** * The action to take in response to the account takeover action. Valid values are `BLOCK`, `MFA_IF_CONFIGURED`, `MFA_REQUIRED` and `NO_ACTION`. */ eventAction: pulumi.Input; notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration { /** * Email template used when a detected risk event is blocked. See notify email type below. */ blockEmail?: pulumi.Input; /** * The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES. */ from?: pulumi.Input; /** * The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk. See notify email type below. */ mfaEmail?: pulumi.Input; /** * The email template used when a detected risk event is allowed. See notify email type below. */ noActionEmail?: pulumi.Input; /** * The destination to which the receiver of an email should reply to. */ replyTo?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter. */ sourceArn: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationCompromisedCredentialsRiskConfiguration { /** * The compromised credentials risk configuration actions. See details below. */ actions: pulumi.Input; /** * Perform the action for these events. The default is to perform all events if no event filter is specified. Valid values are `SIGN_IN`, `PASSWORD_CHANGE`, and `SIGN_UP`. */ eventFilters?: pulumi.Input[]>; } export interface RiskConfigurationCompromisedCredentialsRiskConfigurationActions { /** * The event action. Valid values are `BLOCK` or `NO_ACTION`. */ eventAction: pulumi.Input; } export interface RiskConfigurationRiskExceptionConfiguration { /** * Overrides the risk decision to always block the pre-authentication requests. * The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix. * Can contain a maximum of 200 items. */ blockedIpRangeLists?: pulumi.Input[]>; /** * Risk detection isn't performed on the IP addresses in this range list. * The IP range is in CIDR notation. * Can contain a maximum of 200 items. */ skippedIpRangeLists?: pulumi.Input[]>; } export interface UserPoolAccountRecoverySetting { /** * List of Account Recovery Options of the following structure: */ recoveryMechanisms?: pulumi.Input[]>; } export interface UserPoolAccountRecoverySettingRecoveryMechanism { /** * Name of the user pool. * * The following arguments are optional: */ name: pulumi.Input; /** * Positive integer specifying priority of a method with 1 being the highest priority. */ priority: pulumi.Input; } export interface UserPoolAdminCreateUserConfig { /** * Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app. */ allowAdminCreateUserOnly?: pulumi.Input; /** * Invite message template structure. Detailed below. */ inviteMessageTemplate?: pulumi.Input; } export interface UserPoolAdminCreateUserConfigInviteMessageTemplate { /** * Message template for email messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively. */ emailMessage?: pulumi.Input; /** * Subject line for email messages. */ emailSubject?: pulumi.Input; /** * Message template for SMS messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively. */ smsMessage?: pulumi.Input; } export interface UserPoolClientAnalyticsConfiguration { /** * Application ARN for an Amazon Pinpoint application. Conflicts with `externalId` and `roleArn`. */ applicationArn?: pulumi.Input; /** * Application ID for an Amazon Pinpoint application. */ applicationId?: pulumi.Input; /** * ID for the Analytics Configuration. Conflicts with `applicationArn`. */ externalId?: pulumi.Input; /** * ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with `applicationArn`. */ roleArn?: pulumi.Input; /** * If set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics. */ userDataShared?: pulumi.Input; } export interface UserPoolClientTokenValidityUnits { /** * Time unit in for the value in `accessTokenValidity`, defaults to `hours`. */ accessToken?: pulumi.Input; /** * Time unit in for the value in `idTokenValidity`, defaults to `hours`. */ idToken?: pulumi.Input; /** * Time unit in for the value in `refreshTokenValidity`, defaults to `days`. */ refreshToken?: pulumi.Input; } export interface UserPoolDeviceConfiguration { /** * Whether a challenge is required on a new device. Only applicable to a new device. */ challengeRequiredOnNewDevice?: pulumi.Input; /** * Whether a device is only remembered on user prompt. `false` equates to "Always" remember, `true` is "User Opt In," and not using a `deviceConfiguration` block is "No." */ deviceOnlyRememberedOnUserPrompt?: pulumi.Input; } export interface UserPoolEmailConfiguration { /** * Email configuration set name from SES. */ configurationSet?: pulumi.Input; /** * Email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. Required to be `DEVELOPER` if `fromEmailAddress` is set. */ emailSendingAccount?: pulumi.Input; /** * Sender’s email address or sender’s display name with their email address (e.g., `john@example.com`, `John Smith ` or `\"John Smith Ph.D.\" `). Escaped double quotes are required around display names that contain certain characters as specified in [RFC 5322](https://tools.ietf.org/html/rfc5322). */ fromEmailAddress?: pulumi.Input; /** * REPLY-TO email address. */ replyToEmailAddress?: pulumi.Input; /** * ARN of the SES verified email identity to use. Required if `emailSendingAccount` is set to `DEVELOPER`. */ sourceArn?: pulumi.Input; } export interface UserPoolLambdaConfig { /** * ARN of the lambda creating an authentication challenge. */ createAuthChallenge?: pulumi.Input; /** * A custom email sender AWS Lambda trigger. See customEmailSender Below. */ customEmailSender?: pulumi.Input; /** * Custom Message AWS Lambda trigger. */ customMessage?: pulumi.Input; /** * A custom SMS sender AWS Lambda trigger. See customSmsSender Below. */ customSmsSender?: pulumi.Input; /** * Defines the authentication challenge. */ defineAuthChallenge?: pulumi.Input; /** * The Amazon Resource Name of Key Management Service Customer master keys. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender. */ kmsKeyId?: pulumi.Input; /** * Post-authentication AWS Lambda trigger. */ postAuthentication?: pulumi.Input; /** * Post-confirmation AWS Lambda trigger. */ postConfirmation?: pulumi.Input; /** * Pre-authentication AWS Lambda trigger. */ preAuthentication?: pulumi.Input; /** * Pre-registration AWS Lambda trigger. */ preSignUp?: pulumi.Input; /** * Allow to customize identity token claims before token generation. */ preTokenGeneration?: pulumi.Input; /** * User migration Lambda config type. */ userMigration?: pulumi.Input; /** * Verifies the authentication challenge response. */ verifyAuthChallengeResponse?: pulumi.Input; } export interface UserPoolLambdaConfigCustomEmailSender { /** * The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send email notifications to users. */ lambdaArn: pulumi.Input; /** * The Lambda version represents the signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom email Lambda function. The only supported value is `V1_0`. */ lambdaVersion: pulumi.Input; } export interface UserPoolLambdaConfigCustomSmsSender { /** * The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send SMS notifications to users. */ lambdaArn: pulumi.Input; /** * The Lambda version represents the signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom SMS Lambda function. The only supported value is `V1_0`. */ lambdaVersion: pulumi.Input; } export interface UserPoolPasswordPolicy { /** * Minimum length of the password policy that you have set. */ minimumLength?: pulumi.Input; /** * Whether you have required users to use at least one lowercase letter in their password. */ requireLowercase?: pulumi.Input; /** * Whether you have required users to use at least one number in their password. */ requireNumbers?: pulumi.Input; /** * Whether you have required users to use at least one symbol in their password. */ requireSymbols?: pulumi.Input; /** * Whether you have required users to use at least one uppercase letter in their password. */ requireUppercase?: pulumi.Input; /** * In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator. */ temporaryPasswordValidityDays?: pulumi.Input; } export interface UserPoolSchema { /** * Attribute data type. Must be one of `Boolean`, `Number`, `String`, `DateTime`. */ attributeDataType: pulumi.Input; /** * Whether the attribute type is developer only. */ developerOnlyAttribute?: pulumi.Input; /** * Whether the attribute can be changed once it has been created. */ mutable?: pulumi.Input; /** * Name of the attribute. */ name: pulumi.Input; /** * Configuration block for the constraints for an attribute of the number type. Detailed below. */ numberAttributeConstraints?: pulumi.Input; /** * Whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail. */ required?: pulumi.Input; /** * Constraints for an attribute of the string type. Detailed below. */ stringAttributeConstraints?: pulumi.Input; } export interface UserPoolSchemaNumberAttributeConstraints { /** * Maximum value of an attribute that is of the number data type. */ maxValue?: pulumi.Input; /** * Minimum value of an attribute that is of the number data type. */ minValue?: pulumi.Input; } export interface UserPoolSchemaStringAttributeConstraints { /** * Maximum length of an attribute value of the string type. */ maxLength?: pulumi.Input; /** * Minimum length of an attribute value of the string type. */ minLength?: pulumi.Input; } export interface UserPoolSmsConfiguration { /** * External ID used in IAM role trust relationships. For more information about using external IDs, see [How to Use an External ID When Granting Access to Your AWS Resources to a Third Party](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html). */ externalId: pulumi.Input; /** * ARN of the Amazon SNS caller. This is usually the IAM role that you've given Cognito permission to assume. */ snsCallerArn: pulumi.Input; /** * The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region. Amazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html). */ snsRegion?: pulumi.Input; } export interface UserPoolSoftwareTokenMfaConfiguration { /** * Boolean whether to enable software token Multi-Factor (MFA) tokens, such as Time-based One-Time Password (TOTP). To disable software token MFA When `smsConfiguration` is not present, the `mfaConfiguration` argument must be set to `OFF` and the `softwareTokenMfaConfiguration` configuration block must be fully removed. */ enabled: pulumi.Input; } export interface UserPoolUserAttributeUpdateSettings { /** * A list of attributes requiring verification before update. If set, the provided value(s) must also be set in `autoVerifiedAttributes`. Valid values: `email`, `phoneNumber`. */ attributesRequireVerificationBeforeUpdates: pulumi.Input[]>; } export interface UserPoolUserPoolAddOns { /** * Mode for advanced security, must be one of `OFF`, `AUDIT` or `ENFORCED`. */ advancedSecurityMode: pulumi.Input; } export interface UserPoolUsernameConfiguration { /** * Whether username case sensitivity will be applied for all users in the user pool through Cognito APIs. */ caseSensitive: pulumi.Input; } export interface UserPoolVerificationMessageTemplate { /** * Default email option. Must be either `CONFIRM_WITH_CODE` or `CONFIRM_WITH_LINK`. Defaults to `CONFIRM_WITH_CODE`. */ defaultEmailOption?: pulumi.Input; /** * Email message template. Must contain the `{####}` placeholder. Conflicts with `emailVerificationMessage` argument. */ emailMessage?: pulumi.Input; /** * Email message template for sending a confirmation link to the user, it must contain the `{##Click Here##}` placeholder. */ emailMessageByLink?: pulumi.Input; /** * Subject line for the email message template. Conflicts with `emailVerificationSubject` argument. */ emailSubject?: pulumi.Input; /** * Subject line for the email message template for sending a confirmation link to the user. */ emailSubjectByLink?: pulumi.Input; /** * SMS message template. Must contain the `{####}` placeholder. Conflicts with `smsVerificationMessage` argument. */ smsMessage?: pulumi.Input; } } export namespace comprehend { export interface DocumentClassifierInputDataConfig { /** * List of training datasets produced by Amazon SageMaker Ground Truth. * Used if `dataFormat` is `AUGMENTED_MANIFEST`. * See the `augmentedManifests` Configuration Block section below. */ augmentedManifests?: pulumi.Input[]>; /** * The format for the training data. * One of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`. */ dataFormat?: pulumi.Input; /** * Delimiter between labels when training a multi-label classifier. * Valid values are `|`, `~`, `!`, `@`, `#`, `$`, `%`, `^`, `*`, `-`, `_`, `+`, `=`, `\`, `:`, `;`, `>`, `?`, `/`, ``, and ``. * Default is `|`. */ labelDelimiter?: pulumi.Input; /** * Location of training documents. * Used if `dataFormat` is `COMPREHEND_CSV`. */ s3Uri?: pulumi.Input; testS3Uri?: pulumi.Input; } export interface DocumentClassifierInputDataConfigAugmentedManifest { /** * Location of annotation files. */ annotationDataS3Uri?: pulumi.Input; /** * The JSON attribute that contains the annotations for the training documents. */ attributeNames: pulumi.Input[]>; /** * Type of augmented manifest. * One of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`. */ documentType?: pulumi.Input; /** * Location of augmented manifest file. */ s3Uri: pulumi.Input; /** * Location of source PDF files. */ sourceDocumentsS3Uri?: pulumi.Input; /** * Purpose of data in augmented manifest. * One of `TRAIN` or `TEST`. */ split?: pulumi.Input; } export interface DocumentClassifierOutputDataConfig { /** * KMS Key used to encrypt the output documents. * Can be a KMS Key ID, a KMS Key ARN, a KMS Alias name, or a KMS Alias ARN. */ kmsKeyId?: pulumi.Input; /** * Full path for the output documents. */ outputS3Uri?: pulumi.Input; /** * Destination path for the output documents. * The full path to the output file will be returned in `outputS3Uri`. */ s3Uri: pulumi.Input; } export interface DocumentClassifierVpcConfig { /** * List of security group IDs. */ securityGroupIds: pulumi.Input[]>; /** * List of VPC subnets. */ subnets: pulumi.Input[]>; } export interface EntityRecognizerInputDataConfig { /** * Specifies location of the document annotation data. * See the `annotations` Configuration Block section below. * One of `annotations` or `entityList` is required. */ annotations?: pulumi.Input; /** * List of training datasets produced by Amazon SageMaker Ground Truth. * Used if `dataFormat` is `AUGMENTED_MANIFEST`. * See the `augmentedManifests` Configuration Block section below. */ augmentedManifests?: pulumi.Input[]>; /** * The format for the training data. * One of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`. */ dataFormat?: pulumi.Input; /** * Specifies a collection of training documents. * Used if `dataFormat` is `COMPREHEND_CSV`. * See the `documents` Configuration Block section below. */ documents?: pulumi.Input; /** * Specifies location of the entity list data. * See the `entityList` Configuration Block section below. * One of `entityList` or `annotations` is required. */ entityList?: pulumi.Input; /** * Set of entity types to be recognized. * Has a maximum of 25 items. * See the `entityTypes` Configuration Block section below. */ entityTypes: pulumi.Input[]>; } export interface EntityRecognizerInputDataConfigAnnotations { /** * Location of training annotations. */ s3Uri: pulumi.Input; testS3Uri?: pulumi.Input; } export interface EntityRecognizerInputDataConfigAugmentedManifest { /** * Location of annotation files. */ annotationDataS3Uri?: pulumi.Input; /** * The JSON attribute that contains the annotations for the training documents. */ attributeNames: pulumi.Input[]>; /** * Type of augmented manifest. * One of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`. */ documentType?: pulumi.Input; /** * Location of augmented manifest file. */ s3Uri: pulumi.Input; /** * Location of source PDF files. */ sourceDocumentsS3Uri?: pulumi.Input; /** * Purpose of data in augmented manifest. * One of `TRAIN` or `TEST`. */ split?: pulumi.Input; } export interface EntityRecognizerInputDataConfigDocuments { /** * Specifies how the input files should be processed. * One of `ONE_DOC_PER_LINE` or `ONE_DOC_PER_FILE`. */ inputFormat?: pulumi.Input; /** * Location of training documents. */ s3Uri: pulumi.Input; testS3Uri?: pulumi.Input; } export interface EntityRecognizerInputDataConfigEntityList { /** * Location of entity list. */ s3Uri: pulumi.Input; } export interface EntityRecognizerInputDataConfigEntityType { /** * An entity type to be matched by the Entity Recognizer. * Cannot contain a newline (`\n`), carriage return (`\r`), or tab (`\t`). */ type: pulumi.Input; } export interface EntityRecognizerVpcConfig { /** * List of security group IDs. */ securityGroupIds: pulumi.Input[]>; /** * List of VPC subnets. */ subnets: pulumi.Input[]>; } } export namespace config { } export namespace connect { export interface BotAssociationLexBot { /** * The Region that the Amazon Lex (V1) bot was created in. Defaults to current region. */ lexRegion?: pulumi.Input; /** * The name of the Amazon Lex (V1) bot. */ name: pulumi.Input; } export interface GetBotAssociationLexBot { /** * Region that the Amazon Lex (V1) bot was created in. */ lexRegion?: string; /** * Name of the Amazon Lex (V1) bot. */ name: string; } export interface GetBotAssociationLexBotArgs { /** * Region that the Amazon Lex (V1) bot was created in. */ lexRegion?: pulumi.Input; /** * Name of the Amazon Lex (V1) bot. */ name: pulumi.Input; } export interface HoursOfOperationConfig { /** * Specifies the day that the hours of operation applies to. */ day: pulumi.Input; /** * A end time block specifies the time that your contact center closes. The `endTime` is documented below. */ endTime: pulumi.Input; /** * A start time block specifies the time that your contact center opens. The `startTime` is documented below. */ startTime: pulumi.Input; } export interface HoursOfOperationConfigEndTime { /** * Specifies the hour of closing. */ hours: pulumi.Input; /** * Specifies the minute of closing. */ minutes: pulumi.Input; } export interface HoursOfOperationConfigStartTime { /** * Specifies the hour of opening. */ hours: pulumi.Input; /** * Specifies the minute of opening. */ minutes: pulumi.Input; } export interface InstanceStorageConfigStorageConfig { /** * A block that specifies the configuration of the Kinesis Firehose delivery stream. Documented below. */ kinesisFirehoseConfig?: pulumi.Input; /** * A block that specifies the configuration of the Kinesis data stream. Documented below. */ kinesisStreamConfig?: pulumi.Input; /** * A block that specifies the configuration of the Kinesis video stream. Documented below. */ kinesisVideoStreamConfig?: pulumi.Input; /** * A block that specifies the configuration of S3 Bucket. Documented below. */ s3Config?: pulumi.Input; /** * A valid storage type. Valid Values: `S3` | `KINESIS_VIDEO_STREAM` | `KINESIS_STREAM` | `KINESIS_FIREHOSE`. */ storageType: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisFirehoseConfig { /** * The Amazon Resource Name (ARN) of the delivery stream. */ firehoseArn: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisStreamConfig { /** * The Amazon Resource Name (ARN) of the data stream. */ streamArn: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisVideoStreamConfig { /** * The encryption configuration. Documented below. */ encryptionConfig: pulumi.Input; /** * The prefix of the video stream. Minimum length of `1`. Maximum length of `128`. When read from the state, the value returned is `-connect--contact-` since the API appends additional details to the `prefix`. */ prefix: pulumi.Input; /** * The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. Minimum value of `0`. Maximum value of `87600`. A value of `0`, indicates that the stream does not persist data. */ retentionPeriodHours: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig { /** * The type of encryption. Valid Values: `KMS`. */ encryptionType: pulumi.Input; /** * The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID. */ keyId: pulumi.Input; } export interface InstanceStorageConfigStorageConfigS3Config { /** * The S3 bucket name. */ bucketName: pulumi.Input; /** * The S3 bucket prefix. */ bucketPrefix: pulumi.Input; /** * The encryption configuration. Documented below. */ encryptionConfig?: pulumi.Input; } export interface InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig { /** * The type of encryption. Valid Values: `KMS`. */ encryptionType: pulumi.Input; /** * The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID. */ keyId: pulumi.Input; } export interface PhoneNumberStatus { /** * The status message. */ message?: pulumi.Input; /** * The status of the phone number. Valid Values: `CLAIMED` | `IN_PROGRESS` | `FAILED`. */ status?: pulumi.Input; } export interface QueueOutboundCallerConfig { /** * Specifies the caller ID name. */ outboundCallerIdName?: pulumi.Input; /** * Specifies the caller ID number. */ outboundCallerIdNumberId?: pulumi.Input; /** * Specifies outbound whisper flow to be used during an outbound call. */ outboundFlowId?: pulumi.Input; } export interface QuickConnectQuickConnectConfig { /** * Specifies the phone configuration of the Quick Connect. This is required only if `quickConnectType` is `PHONE_NUMBER`. The `phoneConfig` block is documented below. */ phoneConfigs?: pulumi.Input[]>; /** * Specifies the queue configuration of the Quick Connect. This is required only if `quickConnectType` is `QUEUE`. The `queueConfig` block is documented below. */ queueConfigs?: pulumi.Input[]>; /** * Specifies the configuration type of the quick connect. valid values are `PHONE_NUMBER`, `QUEUE`, `USER`. */ quickConnectType: pulumi.Input; /** * Specifies the user configuration of the Quick Connect. This is required only if `quickConnectType` is `USER`. The `userConfig` block is documented below. */ userConfigs?: pulumi.Input[]>; } export interface QuickConnectQuickConnectConfigPhoneConfig { /** * Specifies the phone number in in E.164 format. */ phoneNumber: pulumi.Input; } export interface QuickConnectQuickConnectConfigQueueConfig { /** * Specifies the identifier of the contact flow. */ contactFlowId: pulumi.Input; /** * Specifies the identifier for the queue. */ queueId: pulumi.Input; } export interface QuickConnectQuickConnectConfigUserConfig { /** * Specifies the identifier of the contact flow. */ contactFlowId: pulumi.Input; /** * Specifies the identifier for the user. */ userId: pulumi.Input; } export interface RoutingProfileMediaConcurrency { /** * Specifies the channels that agents can handle in the Contact Control Panel (CCP). Valid values are `VOICE`, `CHAT`, `TASK`. */ channel: pulumi.Input; /** * Specifies the number of contacts an agent can have on a channel simultaneously. Valid Range for `VOICE`: Minimum value of 1. Maximum value of 1. Valid Range for `CHAT`: Minimum value of 1. Maximum value of 10. Valid Range for `TASK`: Minimum value of 1. Maximum value of 10. */ concurrency: pulumi.Input; } export interface RoutingProfileQueueConfig { /** * Specifies the channels agents can handle in the Contact Control Panel (CCP) for this routing profile. Valid values are `VOICE`, `CHAT`, `TASK`. */ channel: pulumi.Input; /** * Specifies the delay, in seconds, that a contact should be in the queue before they are routed to an available agent */ delay: pulumi.Input; /** * Specifies the order in which contacts are to be handled for the queue. */ priority: pulumi.Input; /** * ARN for the queue. */ queueArn?: pulumi.Input; /** * Specifies the identifier for the queue. */ queueId: pulumi.Input; /** * Name for the queue. */ queueName?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPath { /** * A block that defines the details of level five. The level block is documented below. */ levelFives?: pulumi.Input[]>; /** * A block that defines the details of level four. The level block is documented below. */ levelFours?: pulumi.Input[]>; /** * A block that defines the details of level one. The level block is documented below. */ levelOnes?: pulumi.Input[]>; /** * A block that defines the details of level three. The level block is documented below. */ levelThrees?: pulumi.Input[]>; /** * A block that defines the details of level two. The level block is documented below. */ levelTwos?: pulumi.Input[]>; } export interface UserHierarchyGroupHierarchyPathLevelFife { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelFour { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelOne { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelThree { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelTwo { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructure { /** * A block that defines the details of level five. The level block is documented below. * * Each level block supports the following arguments: */ levelFive?: pulumi.Input; /** * A block that defines the details of level four. The level block is documented below. */ levelFour?: pulumi.Input; /** * A block that defines the details of level one. The level block is documented below. */ levelOne?: pulumi.Input; /** * A block that defines the details of level three. The level block is documented below. */ levelThree?: pulumi.Input; /** * A block that defines the details of level two. The level block is documented below. */ levelTwo?: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelFive { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelFour { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelOne { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelThree { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelTwo { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserIdentityInfo { /** * The email address. If you are using SAML for identity management and include this parameter, an error is returned. Note that updates to the `email` is supported. From the [UpdateUserIdentityInfo API documentation](https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserIdentityInfo.html) it is strongly recommended to limit who has the ability to invoke `UpdateUserIdentityInfo`. Someone with that ability can change the login credentials of other users by changing their email address. This poses a security risk to your organization. They can change the email address of a user to the attacker's email address, and then reset the password through email. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide. */ email?: pulumi.Input; /** * The first name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100. */ firstName?: pulumi.Input; /** * The last name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100. */ lastName?: pulumi.Input; } export interface UserPhoneConfig { /** * The After Call Work (ACW) timeout setting, in seconds. Minimum value of 0. */ afterContactWorkTimeLimit?: pulumi.Input; /** * When Auto-Accept Call is enabled for an available agent, the agent connects to contacts automatically. */ autoAccept?: pulumi.Input; /** * The phone number for the user's desk phone. Required if `phoneType` is set as `DESK_PHONE`. */ deskPhoneNumber?: pulumi.Input; /** * The phone type. Valid values are `DESK_PHONE` and `SOFT_PHONE`. */ phoneType: pulumi.Input; } } export namespace costexplorer { export interface AnomalySubscriptionSubscriber { /** * The address of the subscriber. If type is `SNS`, this will be the arn of the sns topic. If type is `EMAIL`, this will be the destination email address. */ address: pulumi.Input; /** * The type of subscription. Valid Values: `SNS` | `EMAIL`. */ type: pulumi.Input; } export interface AnomalySubscriptionThresholdExpression { /** * Return results that match both Dimension objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * Return results that match both Dimension object. */ not?: pulumi.Input; /** * Return results that match both Dimension object. */ ors?: pulumi.Input[]>; /** * Configuration block for the specific Tag to use for. See Tags below. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionAnd { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNot { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOr { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRule { /** * Configuration block for the value the line item is categorized as if the line item contains the matched dimension. See below. */ inheritedValue?: pulumi.Input; /** * Configuration block for the `Expression` object used to categorize costs. See below. */ rule?: pulumi.Input; /** * You can define the CostCategoryRule rule type as either `REGULAR` or `INHERITED_VALUE`. */ type?: pulumi.Input; /** * Default value for the cost category. */ value?: pulumi.Input; } export interface CostCategoryRuleInheritedValue { /** * Key to extract cost category values. */ dimensionKey?: pulumi.Input; /** * Name of the dimension that's used to group costs. If you specify `LINKED_ACCOUNT_NAME`, the cost category value is based on account name. If you specify `TAG`, the cost category value will be based on the value of the specified tag key. Valid values are `LINKED_ACCOUNT_NAME`, `TAG` */ dimensionName?: pulumi.Input; } export interface CostCategoryRuleRule { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Configuration block for the specific `Tag` to use for `Expression`. See below. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNot { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOr { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategorySplitChargeRule { /** * Method that's used to define how to split your source costs across your targets. Valid values are `FIXED`, `PROPORTIONAL`, `EVEN` */ method: pulumi.Input; /** * Configuration block for the parameters for a split charge method. This is only required for the `FIXED` method. See below. */ parameters?: pulumi.Input[]>; /** * Cost Category value that you want to split. */ source: pulumi.Input; /** * Cost Category values that you want to split costs across. These values can't be used as a source in other split charge rules. */ targets: pulumi.Input[]>; } export interface CostCategorySplitChargeRuleParameter { /** * Parameter type. */ type?: pulumi.Input; /** * Parameter values. */ values?: pulumi.Input[]>; } export interface GetTagsFilter { /** * Return results that match both `Dimension` objects. */ ands?: inputs.costexplorer.GetTagsFilterAnd[]; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: inputs.costexplorer.GetTagsFilterCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: inputs.costexplorer.GetTagsFilterDimension; /** * Return results that match both `Dimension` object. */ not?: inputs.costexplorer.GetTagsFilterNot; /** * Return results that match both `Dimension` object. */ ors?: inputs.costexplorer.GetTagsFilterOr[]; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterTags; } export interface GetTagsFilterArgs { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: inputs.costexplorer.GetTagsFilterAndCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: inputs.costexplorer.GetTagsFilterAndDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterAndTags; } export interface GetTagsFilterAndArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterAndCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterAndCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterAndDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterAndDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterAndTags { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterAndTagsArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNot { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: inputs.costexplorer.GetTagsFilterNotCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: inputs.costexplorer.GetTagsFilterNotDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterNotTags; } export interface GetTagsFilterNotArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterNotCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterNotCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNotDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterNotDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNotTags { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterNotTagsArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterOr { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: inputs.costexplorer.GetTagsFilterOrCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: inputs.costexplorer.GetTagsFilterOrDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterOrTags; } export interface GetTagsFilterOrArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterOrCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterOrCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterOrDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterOrDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterOrTags { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterOrTagsArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterTags { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterTagsArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsSortBy { /** * key that's used to sort the data. Valid values are: `BlendedCost`, `UnblendedCost`, `AmortizedCost`, `NetAmortizedCost`, `NetUnblendedCost`, `UsageQuantity`, `NormalizedUsageAmount`. */ key?: string; /** * order that's used to sort the data. Valid values are: `ASCENDING`, `DESCENDING`. */ sortOrder?: string; } export interface GetTagsSortByArgs { /** * key that's used to sort the data. Valid values are: `BlendedCost`, `UnblendedCost`, `AmortizedCost`, `NetAmortizedCost`, `NetUnblendedCost`, `UsageQuantity`, `NormalizedUsageAmount`. */ key?: pulumi.Input; /** * order that's used to sort the data. Valid values are: `ASCENDING`, `DESCENDING`. */ sortOrder?: pulumi.Input; } export interface GetTagsTimePeriod { /** * Beginning of the time period. */ end: string; /** * End of the time period. */ start: string; } export interface GetTagsTimePeriodArgs { /** * Beginning of the time period. */ end: pulumi.Input; /** * End of the time period. */ start: pulumi.Input; } } export namespace datapipeline { export interface GetPipelineDefinitionParameterValue { /** * ID of the object. */ id?: string; /** * Field value, expressed as a String. */ stringValue?: string; } export interface GetPipelineDefinitionParameterValueArgs { /** * ID of the object. */ id?: pulumi.Input; /** * Field value, expressed as a String. */ stringValue?: pulumi.Input; } export interface PipelineDefinitionParameterObject { /** * Configuration block for attributes of the parameter object. See below */ attributes?: pulumi.Input[]>; /** * ID of the parameter object. */ id: pulumi.Input; } export interface PipelineDefinitionParameterObjectAttribute { /** * Field identifier. */ key: pulumi.Input; /** * Field value, expressed as a String. */ stringValue: pulumi.Input; } export interface PipelineDefinitionParameterValue { /** * ID of the parameter value. */ id: pulumi.Input; /** * Field value, expressed as a String. */ stringValue: pulumi.Input; } export interface PipelineDefinitionPipelineObject { /** * Configuration block for Key-value pairs that define the properties of the object. See below */ fields?: pulumi.Input[]>; /** * ID of the object. */ id: pulumi.Input; /** * ARN of the storage connector. */ name: pulumi.Input; } export interface PipelineDefinitionPipelineObjectField { /** * Field identifier. */ key: pulumi.Input; /** * Field value, expressed as the identifier of another object */ refValue?: pulumi.Input; /** * Field value, expressed as a String. */ stringValue?: pulumi.Input; } } export namespace datasync { export interface EfsLocationEc2Config { /** * List of Amazon Resource Names (ARNs) of the EC2 Security Groups that are associated with the EFS Mount Target. */ securityGroupArns: pulumi.Input[]>; /** * Amazon Resource Name (ARN) of the EC2 Subnet that is associated with the EFS Mount Target. */ subnetArn: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocol { /** * Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system. See below. */ nfs: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocolNfs { /** * Represents the mount options that are available for DataSync to access an NFS location. See below. */ mountOptions: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocolNfsMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface LocationAzureBlobSasConfiguration { /** * A SAS token that provides permissions to access your Azure Blob Storage. */ token: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocol { /** * Network File System (NFS) protocol that DataSync uses to access your FSx ONTAP file system. See NFS below. */ nfs?: pulumi.Input; /** * Server Message Block (SMB) protocol that DataSync uses to access your FSx ONTAP file system. See [SMB] (#smb) below. */ smb?: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolNfs { /** * Mount options that are available for DataSync to access an NFS location. See NFS Mount Options below. */ mountOptions: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolNfsMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `NFS3`. Default: `NFS3` */ version?: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolSmb { /** * Fully qualified domain name of the Microsoft Active Directory (AD) that your storage virtual machine belongs to. */ domain?: pulumi.Input; /** * Mount options that are available for DataSync to access an SMB location. See SMB Mount Options below. */ mountOptions: pulumi.Input; /** * Password of a user who has permission to access your SVM. */ password: pulumi.Input; /** * Username that can mount the location and access the files, folders, and metadata that you need in the SVM. */ user: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolSmbMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `NFS3`. Default: `NFS3` */ version?: pulumi.Input; } export interface LocationHdfsNameNode { /** * The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network. */ hostname: pulumi.Input; /** * The port that the NameNode uses to listen to client requests. */ port: pulumi.Input; } export interface LocationHdfsQopConfiguration { /** * The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`. */ dataTransferProtection?: pulumi.Input; /** * The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`. */ rpcProtection?: pulumi.Input; } export interface LocationSmbMountOptions { /** * The specific SMB version that you want DataSync to use for mounting your SMB share. Valid values: `AUTOMATIC`, `SMB2`, and `SMB3`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface NfsLocationMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface NfsLocationOnPremConfig { /** * List of Amazon Resource Names (ARNs) of the DataSync Agents used to connect to the NFS server. */ agentArns: pulumi.Input[]>; } export interface S3LocationS3Config { /** * ARN of the IAM Role used to connect to the S3 Bucket. */ bucketAccessRoleArn: pulumi.Input; } export interface TaskExcludes { /** * The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`. */ filterType?: pulumi.Input; /** * A single filter string that consists of the patterns to exclude. The patterns are delimited by "|" (that is, a pipe), for example: `/folder1|/folder2` */ value?: pulumi.Input; } export interface TaskIncludes { /** * The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`. */ filterType?: pulumi.Input; /** * A single filter string that consists of the patterns to include. The patterns are delimited by "|" (that is, a pipe), for example: `/folder1|/folder2` */ value?: pulumi.Input; } export interface TaskOptions { /** * A file metadata that shows the last time a file was accessed (that is when the file was read or written to). If set to `BEST_EFFORT`, the DataSync Task attempts to preserve the original (that is, the version before sync `PREPARING` phase) `atime` attribute on all source files. Valid values: `BEST_EFFORT`, `NONE`. Default: `BEST_EFFORT`. */ atime?: pulumi.Input; /** * Limits the bandwidth utilized. For example, to set a maximum of 1 MB, set this value to `1048576`. Value values: `-1` or greater. Default: `-1` (unlimited). */ bytesPerSecond?: pulumi.Input; /** * Group identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID). */ gid?: pulumi.Input; /** * Determines the type of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide. Valid values: `OFF`, `BASIC`, `TRANSFER`. Default: `OFF`. */ logLevel?: pulumi.Input; /** * A file metadata that indicates the last time a file was modified (written to) before the sync `PREPARING` phase. Value values: `NONE`, `PRESERVE`. Default: `PRESERVE`. */ mtime?: pulumi.Input; /** * Specifies whether object tags are maintained when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the NONE value. Valid values: `PRESERVE`, `NONE`. Default value: `PRESERVE`. */ objectTags?: pulumi.Input; /** * Determines whether files at the destination should be overwritten or preserved when copying files. Valid values: `ALWAYS`, `NEVER`. Default: `ALWAYS`. */ overwriteMode?: pulumi.Input; /** * Determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. Valid values: `NONE`, `PRESERVE`. Default: `PRESERVE`. */ posixPermissions?: pulumi.Input; /** * Whether files deleted in the source should be removed or preserved in the destination file system. Valid values: `PRESERVE`, `REMOVE`. Default: `PRESERVE`. */ preserveDeletedFiles?: pulumi.Input; /** * Whether the DataSync Task should preserve the metadata of block and character devices in the source files system, and recreate the files with that device name and metadata on the destination. The DataSync Task can’t sync the actual contents of such devices, because many of the devices are non-terminal and don’t return an end of file (EOF) marker. Valid values: `NONE`, `PRESERVE`. Default: `NONE` (ignore special devices). */ preserveDevices?: pulumi.Input; /** * Determines which components of the SMB security descriptor are copied from source to destination objects. This value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. Valid values: `NONE`, `OWNER_DACL`, `OWNER_DACL_SACL`. Default: `OWNER_DACL`. */ securityDescriptorCopyFlags?: pulumi.Input; /** * Determines whether tasks should be queued before executing the tasks. Valid values: `ENABLED`, `DISABLED`. Default `ENABLED`. */ taskQueueing?: pulumi.Input; /** * Determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location. Valid values: `CHANGED`, `ALL`. Default: `CHANGED` */ transferMode?: pulumi.Input; /** * User identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID). */ uid?: pulumi.Input; /** * Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`, `ONLY_FILES_TRANSFERRED`. Default: `POINT_IN_TIME_CONSISTENT`. */ verifyMode?: pulumi.Input; } export interface TaskSchedule { /** * Specifies the schedule you want your task to use for repeated executions. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html). */ scheduleExpression: pulumi.Input; } } export namespace dax { export interface ClusterNode { address?: pulumi.Input; availabilityZone?: pulumi.Input; id?: pulumi.Input; /** * The port used by the configuration endpoint */ port?: pulumi.Input; } export interface ClusterServerSideEncryption { /** * Whether to enable encryption at rest. Defaults to `false`. */ enabled?: pulumi.Input; } export interface ParameterGroupParameter { /** * The name of the parameter. */ name: pulumi.Input; /** * The value for the parameter. */ value: pulumi.Input; } } export namespace devicefarm { export interface DevicePoolRule { /** * The rule's stringified attribute. Valid values are: `APPIUM_VERSION`, `ARN`, `AVAILABILITY`, `FLEET_TYPE`, `FORM_FACTOR`, `INSTANCE_ARN`, `INSTANCE_LABELS`, `MANUFACTURER`, `MODEL`, `OS_VERSION`, `PLATFORM`, `REMOTE_ACCESS_ENABLED`, `REMOTE_DEBUG_ENABLED`. */ attribute?: pulumi.Input; /** * Specifies how Device Farm compares the rule's attribute to the value. For the operators that are supported by each attribute. Valid values are: `EQUALS`, `NOT_IN`, `IN`, `GREATER_THAN`, `GREATER_THAN_OR_EQUALS`, `LESS_THAN`, `LESS_THAN_OR_EQUALS`, `CONTAINS`. */ operator?: pulumi.Input; /** * The rule's value. */ value?: pulumi.Input; } export interface TestGridProjectVpcConfig { /** * A list of VPC security group IDs in your Amazon VPC. */ securityGroupIds: pulumi.Input[]>; /** * A list of VPC subnet IDs in your Amazon VPC. */ subnetIds: pulumi.Input[]>; /** * The ID of the Amazon VPC. */ vpcId: pulumi.Input; } } export namespace directconnect { } export namespace directoryservice { export interface DirectoryConnectSettings { availabilityZones?: pulumi.Input[]>; /** * The IP addresses of the AD Connector servers. */ connectIps?: pulumi.Input[]>; /** * The DNS IP addresses of the domain to connect to. */ customerDnsIps: pulumi.Input[]>; /** * The username corresponding to the password provided. */ customerUsername: pulumi.Input; /** * The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs). */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC that the directory is in. */ vpcId: pulumi.Input; } export interface DirectoryVpcSettings { availabilityZones?: pulumi.Input[]>; /** * The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs). */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC that the directory is in. */ vpcId: pulumi.Input; } export interface ServiceRegionVpcSettings { /** * The identifiers of the subnets for the directory servers. */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC in which to create the directory. */ vpcId: pulumi.Input; } export interface SharedDirectoryTarget { /** * Identifier of the directory consumer account. */ id: pulumi.Input; /** * Type of identifier to be used in the `id` field. Valid value is `ACCOUNT`. Default is `ACCOUNT`. */ type?: pulumi.Input; } } export namespace dlm { export interface LifecyclePolicyPolicyDetails { /** * The actions to be performed when the event-based policy is triggered. You can specify only one action per policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `action` configuration block. */ action?: pulumi.Input; /** * The event that triggers the event-based policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `eventSource` configuration block. */ eventSource?: pulumi.Input; /** * A set of optional parameters for snapshot and AMI lifecycle policies. See the `parameters` configuration block. */ parameters?: pulumi.Input; /** * The valid target resource types and actions a policy can manage. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account. Default value is `EBS_SNAPSHOT_MANAGEMENT`. */ policyType?: pulumi.Input; /** * The location of the resources to backup. If the source resources are located in an AWS Region, specify `CLOUD`. If the source resources are located on an Outpost in your account, specify `OUTPOST`. If you specify `OUTPOST`, Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account. Valid values are `CLOUD` and `OUTPOST`. */ resourceLocations?: pulumi.Input; /** * A list of resource types that should be targeted by the lifecycle policy. Valid values are `VOLUME` and `INSTANCE`. */ resourceTypes?: pulumi.Input[]>; /** * See the `schedule` configuration block. */ schedules?: pulumi.Input[]>; /** * A map of tag keys and their values. Any resources that match the `resourceTypes` and are tagged with _any_ of these tags will be targeted. * * > Note: You cannot have overlapping lifecycle policies that share the same `targetTags`. TODO is unable to detect this at plan time but it will fail during apply. */ targetTags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface LifecyclePolicyPolicyDetailsAction { /** * The rule for copying shared snapshots across Regions. See the `crossRegionCopy` configuration block. */ crossRegionCopies: pulumi.Input[]>; /** * A descriptive name for the action. */ name: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopy { /** * The encryption settings for the copied snapshot. See the `encryptionConfiguration` block. Max of 1 per action. */ encryptionConfiguration: pulumi.Input; /** * Specifies the retention rule for cross-Region snapshot copies. See the `retainRule` block. Max of 1 per action. */ retainRule?: pulumi.Input; /** * The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies. */ target: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration { /** * The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used. */ cmkArn?: pulumi.Input; /** * To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled. */ encrypted?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule { /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsEventSource { /** * A set of optional parameters for snapshot and AMI lifecycle policies. See the `parameters` configuration block. */ parameters: pulumi.Input; /** * The source of the event. Currently only managed CloudWatch Events rules are supported. Valid values are `MANAGED_CWE`. */ type: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsEventSourceParameters { /** * The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account. */ descriptionRegex: pulumi.Input; /** * The type of event. Currently, only `shareSnapshot` events are supported. */ eventType: pulumi.Input; /** * The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account. */ snapshotOwners: pulumi.Input[]>; } export interface LifecyclePolicyPolicyDetailsParameters { /** * Indicates whether to exclude the root volume from snapshots created using CreateSnapshots. The default is `false`. */ excludeBootVolume?: pulumi.Input; /** * Applies to AMI lifecycle policies only. Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted). */ noReboot?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsSchedule { /** * Copy all user-defined tags on a source volume to snapshots of the volume created by this policy. */ copyTags?: pulumi.Input; /** * See the `createRule` block. Max of 1 per schedule. */ createRule: pulumi.Input; /** * See the `crossRegionCopyRule` block. Max of 3 per schedule. */ crossRegionCopyRules?: pulumi.Input[]>; /** * See the `deprecateRule` block. Max of 1 per schedule. */ deprecateRule?: pulumi.Input; /** * See the `fastRestoreRule` block. Max of 1 per schedule. */ fastRestoreRule?: pulumi.Input; /** * A descriptive name for the action. */ name: pulumi.Input; /** * Specifies the retention rule for cross-Region snapshot copies. See the `retainRule` block. Max of 1 per action. */ retainRule: pulumi.Input; /** * See the `shareRule` block. Max of 1 per schedule. */ shareRule?: pulumi.Input; /** * A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these. */ tagsToAdd?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * A map of tag keys and variable values, where the values are determined when the policy is executed. Only `$(instance-id)` or `$(timestamp)` are valid values. Can only be used when `resourceTypes` is `INSTANCE`. */ variableTags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface LifecyclePolicyPolicyDetailsScheduleCreateRule { /** * The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. Conflicts with `interval`, `intervalUnit`, and `times`. */ cronExpression?: pulumi.Input; /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval?: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit?: pulumi.Input; /** * Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD`. To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL`. If you omit this parameter, `CLOUD` is used by default. If the policy targets resources in an AWS Region, then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost. Valid values are `CLOUD` and `OUTPOST_LOCAL`. */ location?: pulumi.Input; /** * A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1. Conflicts with `cronExpression`. Must be set if `interval` is set. */ times?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule { /** * The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used. */ cmkArn?: pulumi.Input; /** * Copy all user-defined tags on a source volume to snapshots of the volume created by this policy. */ copyTags?: pulumi.Input; /** * See the `deprecateRule` block. Max of 1 per schedule. */ deprecateRule?: pulumi.Input; /** * To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled. */ encrypted: pulumi.Input; /** * Specifies the retention rule for cross-Region snapshot copies. See the `retainRule` block. Max of 1 per action. */ retainRule?: pulumi.Input; /** * The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies. */ target: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule { /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule { /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleDeprecateRule { /** * Specifies the number of oldest AMIs to deprecate. Must be an integer between `1` and `1000`. Conflicts with `interval` and `intervalUnit`. */ count?: pulumi.Input; /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval?: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleFastRestoreRule { /** * The Availability Zones in which to enable fast snapshot restore. */ availabilityZones: pulumi.Input[]>; /** * Specifies the number of oldest AMIs to deprecate. Must be an integer between `1` and `1000`. Conflicts with `interval` and `intervalUnit`. */ count?: pulumi.Input; /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval?: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleRetainRule { /** * Specifies the number of oldest AMIs to deprecate. Must be an integer between `1` and `1000`. Conflicts with `interval` and `intervalUnit`. */ count?: pulumi.Input; /** * How often this lifecycle policy should be evaluated. `1`, `2`,`3`,`4`,`6`,`8`,`12` or `24` are valid values. Conflicts with `cronExpression`. If set, `intervalUnit` and `times` must also be set. */ interval?: pulumi.Input; /** * The unit for how often the lifecycle policy should be evaluated. `HOURS` is currently the only allowed value and also the default value. Conflicts with `cronExpression`. Must be set if `interval` is set. */ intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleShareRule { /** * The IDs of the AWS accounts with which to share the snapshots. */ targetAccounts: pulumi.Input[]>; unshareInterval?: pulumi.Input; unshareIntervalUnit?: pulumi.Input; } } export namespace dms { export interface EndpointElasticsearchSettings { /** * Endpoint for the OpenSearch cluster. */ endpointUri: pulumi.Input; /** * Maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster. Default is `300`. */ errorRetryDuration?: pulumi.Input; /** * Maximum percentage of records that can fail to be written before a full load operation stops. Default is `10`. */ fullLoadErrorPercentage?: pulumi.Input; /** * ARN of the IAM Role with permissions to write to the OpenSearch cluster. */ serviceAccessRoleArn: pulumi.Input; } export interface EndpointKafkaSettings { /** * Kafka broker location. Specify in the form broker-hostname-or-ip:port. */ broker: pulumi.Input; /** * Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. Default is `false`. */ includeControlDetails?: pulumi.Input; /** * Include NULL and empty columns for records migrated to the endpoint. Default is `false`. */ includeNullAndEmpty?: pulumi.Input; /** * Shows the partition value within the Kafka message output unless the partition type is `schema-table-type`. Default is `false`. */ includePartitionValue?: pulumi.Input; /** * Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table`, `drop-table`, `add-column`, `drop-column`, and `rename-column`. Default is `false`. */ includeTableAlterOperations?: pulumi.Input; /** * Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transactionId`, previous `transactionId`, and `transactionRecordId` (the record offset within a transaction). Default is `false`. */ includeTransactionDetails?: pulumi.Input; /** * Output format for the records created on the endpoint. Message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab). */ messageFormat?: pulumi.Input; /** * Maximum size in bytes for records created on the endpoint Default is `1,000,000`. */ messageMaxBytes?: pulumi.Input; /** * Set this optional parameter to true to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `noHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the `'0x'` prefix. */ noHexPrefix?: pulumi.Input; /** * Prefixes schema and table names to partition values, when the partition type is `primary-key-type`. Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. Default is `false`. */ partitionIncludeSchemaTable?: pulumi.Input; /** * Secure password you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. */ saslPassword?: pulumi.Input; /** * Secure user name you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. */ saslUsername?: pulumi.Input; /** * Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption`, `ssl-authentication`, and `sasl-ssl`. `sasl-ssl` requires `saslUsername` and `saslPassword`. */ securityProtocol?: pulumi.Input; /** * ARN for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint. */ sslCaCertificateArn?: pulumi.Input; /** * ARN of the client certificate used to securely connect to a Kafka target endpoint. */ sslClientCertificateArn?: pulumi.Input; /** * ARN for the client private key used to securely connect to a Kafka target endpoint. */ sslClientKeyArn?: pulumi.Input; /** * Password for the client private key used to securely connect to a Kafka target endpoint. */ sslClientKeyPassword?: pulumi.Input; /** * Kafka topic for migration. Default is `kafka-default-topic`. */ topic?: pulumi.Input; } export interface EndpointKinesisSettings { /** * Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. Default is `false`. */ includeControlDetails?: pulumi.Input; /** * Include NULL and empty columns in the target. Default is `false`. */ includeNullAndEmpty?: pulumi.Input; /** * Shows the partition value within the Kinesis message output, unless the partition type is schema-table-type. Default is `false`. */ includePartitionValue?: pulumi.Input; /** * Includes any data definition language (DDL) operations that change the table in the control data. Default is `false`. */ includeTableAlterOperations?: pulumi.Input; /** * Provides detailed transaction information from the source database. Default is `false`. */ includeTransactionDetails?: pulumi.Input; /** * Output format for the records created. Default is `json`. Valid values are `json` and `json-unformatted` (a single line with no tab). */ messageFormat?: pulumi.Input; /** * Prefixes schema and table names to partition values, when the partition type is primary-key-type. Default is `false`. */ partitionIncludeSchemaTable?: pulumi.Input; /** * ARN of the IAM Role with permissions to write to the Kinesis data stream. */ serviceAccessRoleArn?: pulumi.Input; /** * ARN of the Kinesis data stream. */ streamArn?: pulumi.Input; } export interface EndpointMongodbSettings { /** * Authentication mechanism to access the MongoDB source endpoint. Default is `default`. */ authMechanism?: pulumi.Input; /** * Authentication database name. Not used when `authType` is `no`. Default is `admin`. */ authSource?: pulumi.Input; /** * Authentication type to access the MongoDB source endpoint. Default is `password`. */ authType?: pulumi.Input; /** * Number of documents to preview to determine the document organization. Use this setting when `nestingLevel` is set to `one`. Default is `1000`. */ docsToInvestigate?: pulumi.Input; /** * Document ID. Use this setting when `nestingLevel` is set to `none`. Default is `false`. */ extractDocId?: pulumi.Input; /** * Specifies either document or table mode. Default is `none`. Valid values are `one` (table mode) and `none` (document mode). */ nestingLevel?: pulumi.Input; } export interface EndpointRedisSettings { /** * The password provided with the auth-role and auth-token options of the AuthType setting for a Redis target endpoint. */ authPassword?: pulumi.Input; /** * The type of authentication to perform when connecting to a Redis target. Options include `none`, `auth-token`, and `auth-role`. The `auth-token` option requires an `authPassword` value to be provided. The `auth-role` option requires `authUserName` and `authPassword` values to be provided. */ authType: pulumi.Input; /** * The username provided with the `auth-role` option of the AuthType setting for a Redis target endpoint. */ authUserName?: pulumi.Input; /** * Transmission Control Protocol (TCP) port for the endpoint. */ port: pulumi.Input; /** * Fully qualified domain name of the endpoint. */ serverName: pulumi.Input; /** * The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint. */ sslCaCertificateArn?: pulumi.Input; /** * The plaintext option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database. Options include `plaintext`, `ssl-encryption`. The default is `ssl-encryption`. */ sslSecurityProtocol?: pulumi.Input; } export interface EndpointRedshiftSettings { /** * Custom S3 Bucket Object prefix for intermediate storage. */ bucketFolder?: pulumi.Input; /** * Custom S3 Bucket name for intermediate storage. */ bucketName?: pulumi.Input; /** * The server-side encryption mode that you want to encrypt your intermediate .csv object files copied to S3. Defaults to `SSE_S3`. Valid values are `SSE_S3` and `SSE_KMS`. */ encryptionMode?: pulumi.Input; /** * ARN or Id of KMS Key to use when `encryptionMode` is `SSE_KMS`. */ serverSideEncryptionKmsKeyId?: pulumi.Input; /** * Amazon Resource Name (ARN) of the IAM Role with permissions to read from or write to the S3 Bucket for intermediate storage. */ serviceAccessRoleArn?: pulumi.Input; } export interface EndpointS3Settings { /** * Whether to add column name information to the .csv output file. Default is `false`. */ addColumnName?: pulumi.Input; /** * Custom S3 Bucket Object prefix for intermediate storage. */ bucketFolder?: pulumi.Input; /** * Custom S3 Bucket name for intermediate storage. */ bucketName?: pulumi.Input; /** * Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`. */ cannedAclForObjects?: pulumi.Input; /** * Whether to write insert and update operations to .csv or .parquet output files. Default is `false`. */ cdcInsertsAndUpdates?: pulumi.Input; /** * Whether to write insert operations to .csv or .parquet output files. Default is `false`. */ cdcInsertsOnly?: pulumi.Input; /** * Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. Default is `60`. */ cdcMaxBatchInterval?: pulumi.Input; /** * Minimum file size condition as defined in kilobytes to output a file to Amazon S3. Default is `32000`. **NOTE:** Previously, this setting was measured in megabytes but now represents kilobytes. Update configurations accordingly. */ cdcMinFileSize?: pulumi.Input; /** * Folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `cdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later. */ cdcPath?: pulumi.Input; /** * Set to compress target files. Default is `NONE`. Valid values are `GZIP` and `NONE`. */ compressionType?: pulumi.Input; /** * Delimiter used to separate columns in the source files. Default is `,`. */ csvDelimiter?: pulumi.Input; /** * String to use for all columns not included in the supplemental log. */ csvNoSupValue?: pulumi.Input; /** * String to as null when writing to the target. */ csvNullValue?: pulumi.Input; /** * Delimiter used to separate rows in the source files. Default is `\n`. */ csvRowDelimiter?: pulumi.Input; /** * Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. Default is `csv`. */ dataFormat?: pulumi.Input; /** * Size of one data page in bytes. Default is `1048576` (1 MiB). */ dataPageSize?: pulumi.Input; /** * Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. Default is `SLASH`. */ datePartitionDelimiter?: pulumi.Input; /** * Partition S3 bucket folders based on transaction commit dates. Default is `false`. */ datePartitionEnabled?: pulumi.Input; /** * Date format to use during folder partitioning. Use this parameter when `datePartitionEnabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. Default is `YYYYMMDD`. */ datePartitionSequence?: pulumi.Input; /** * Maximum size in bytes of an encoded dictionary page of a column. Default is `1048576` (1 MiB). */ dictPageSizeLimit?: pulumi.Input; /** * Whether to enable statistics for Parquet pages and row groups. Default is `true`. */ enableStatistics?: pulumi.Input; /** * Type of encoding to use. Value values are `rleDictionary`, `plain`, and `plainDictionary`. Default is `rleDictionary`. */ encodingType?: pulumi.Input; /** * The server-side encryption mode that you want to encrypt your intermediate .csv object files copied to S3. Defaults to `SSE_S3`. Valid values are `SSE_S3` and `SSE_KMS`. */ encryptionMode?: pulumi.Input; /** * JSON document that describes how AWS DMS should interpret the data. */ externalTableDefinition?: pulumi.Input; /** * When this value is set to `1`, DMS ignores the first row header in a .csv file. Default is `0`. */ ignoreHeaderRows?: pulumi.Input; /** * Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`. */ includeOpForFullLoad?: pulumi.Input; /** * Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. Default is `1048576` (1 GB). */ maxFileSize?: pulumi.Input; /** * Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`. */ parquetTimestampInMillisecond?: pulumi.Input; /** * Version of the .parquet file format. Default is `parquet-1-0`. Valid values are `parquet-1-0` and `parquet-2-0`. */ parquetVersion?: pulumi.Input; /** * Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdcPath`. Default is `false`. */ preserveTransactions?: pulumi.Input; /** * For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`. */ rfc4180?: pulumi.Input; /** * Number of rows in a row group. Default is `10000`. */ rowGroupLength?: pulumi.Input; /** * ARN or Id of KMS Key to use when `encryptionMode` is `SSE_KMS`. */ serverSideEncryptionKmsKeyId?: pulumi.Input; /** * ARN of the IAM Role with permissions to write to the OpenSearch cluster. */ serviceAccessRoleArn?: pulumi.Input; /** * Column to add with timestamp information to the endpoint data for an Amazon S3 target. */ timestampColumnName?: pulumi.Input; /** * Whether to use `csvNoSupValue` for columns not included in the supplemental log. */ useCsvNoSupValue?: pulumi.Input; /** * When set to true, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to true, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time. When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`. */ useTaskStartTimeForFullLoadTimestamp?: pulumi.Input; } export interface ReplicationConfigComputeConfig { /** * The Availability Zone where the DMS Serverless replication using this configuration will run. The default value is a random. */ availabilityZone?: pulumi.Input; /** * A list of custom DNS name servers supported for the DMS Serverless replication to access your source or target database. */ dnsNameServers?: pulumi.Input; /** * An Key Management Service (KMS) key Amazon Resource Name (ARN) that is used to encrypt the data during DMS Serverless replication. If you don't specify a value for the KmsKeyId parameter, DMS uses your default encryption key. */ kmsKeyId?: pulumi.Input; /** * Specifies the maximum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 2 DCUs as the minimum value allowed. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. */ maxCapacityUnits?: pulumi.Input; /** * Specifies the minimum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. If this value isn't set DMS scans the current activity of available source tables to identify an optimum setting for this parameter. */ minCapacityUnits?: pulumi.Input; /** * Specifies if the replication instance is a multi-az deployment. You cannot set the `availabilityZone` parameter if the `multiAz` parameter is set to `true`. */ multiAz?: pulumi.Input; /** * The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). * * - Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. * - Format: `ddd:hh24:mi-ddd:hh24:mi` * - Valid Days: `mon, tue, wed, thu, fri, sat, sun` * - Constraints: Minimum 30-minute window. */ preferredMaintenanceWindow?: pulumi.Input; /** * Specifies a subnet group identifier to associate with the DMS Serverless replication. */ replicationSubnetGroupId: pulumi.Input; /** * Specifies the virtual private cloud (VPC) security group to use with the DMS Serverless replication. The VPC security group must work with the VPC containing the replication. */ vpcSecurityGroupIds?: pulumi.Input[]>; } } export namespace docdb { export interface ClusterParameterGroupParameter { /** * Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`. */ applyMethod?: pulumi.Input; /** * The name of the DocumentDB parameter. */ name: pulumi.Input; /** * The value of the DocumentDB parameter. */ value: pulumi.Input; } export interface GlobalClusterGlobalClusterMember { /** * Amazon Resource Name (ARN) of member DB Cluster. */ dbClusterArn?: pulumi.Input; /** * Whether the member is the primary DB Cluster. */ isWriter?: pulumi.Input; } } export namespace dynamodb { export interface GetTableServerSideEncryption { enabled?: boolean; kmsKeyArn?: string; } export interface GetTableServerSideEncryptionArgs { enabled?: pulumi.Input; kmsKeyArn?: pulumi.Input; } export interface GlobalTableReplica { /** * AWS region name of replica DynamoDB TableE.g., `us-east-1` */ regionName: pulumi.Input; } export interface TableAttribute { /** * Name of the attribute */ name: pulumi.Input; /** * Attribute type. Valid values are `S` (string), `N` (number), `B` (binary). */ type: pulumi.Input; } export interface TableGlobalSecondaryIndex { /** * Name of the hash key in the index; must be defined as an attribute in the resource. */ hashKey: pulumi.Input; /** * Name of the index. */ name: pulumi.Input; /** * Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table. */ nonKeyAttributes?: pulumi.Input[]>; /** * One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hashKey and sortKey attributes , `INCLUDE` projects into the index all of the attributes that are defined in `nonKeyAttributes` in addition to the attributes that that`KEYS_ONLY` project. */ projectionType: pulumi.Input; /** * Name of the range key; must be defined */ rangeKey?: pulumi.Input; /** * Number of read units for this index. Must be set if billingMode is set to PROVISIONED. */ readCapacity?: pulumi.Input; /** * Number of write units for this index. Must be set if billingMode is set to PROVISIONED. */ writeCapacity?: pulumi.Input; } export interface TableLocalSecondaryIndex { /** * Name of the index */ name: pulumi.Input; /** * Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table. */ nonKeyAttributes?: pulumi.Input[]>; /** * One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hashKey and sortKey attributes , `INCLUDE` projects into the index all of the attributes that are defined in `nonKeyAttributes` in addition to the attributes that that`KEYS_ONLY` project. */ projectionType: pulumi.Input; /** * Name of the range key. */ rangeKey: pulumi.Input; } export interface TablePointInTimeRecovery { /** * Whether to enable point-in-time recovery. It can take 10 minutes to enable for new tables. If the `pointInTimeRecovery` block is not provided, this defaults to `false`. */ enabled: pulumi.Input; } export interface TableReplica { /** * ARN of the table */ arn?: pulumi.Input; /** * ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys. */ kmsKeyArn?: pulumi.Input; /** * Whether to enable Point In Time Recovery for the replica. Default is `false`. */ pointInTimeRecovery?: pulumi.Input; /** * Whether to propagate the global table's tags to a replica. Default is `false`. Changes to tags only move in one direction: from global (source) to replica. In other words, tag drift on a replica will not trigger an update. Tag or replica changes on the global table, whether from drift or configuration changes, are propagated to replicas. Changing from `true` to `false` on a subsequent `apply` means replica tags are left as they were, unmanaged, not deleted. */ propagateTags?: pulumi.Input; /** * Region name of the replica. */ regionName: pulumi.Input; /** * ARN of the Table Stream. Only available when `streamEnabled = true` */ streamArn?: pulumi.Input; /** * Timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not a unique identifier for the stream on its own. However, the combination of AWS customer ID, table name and this field is guaranteed to be unique. It can be used for creating CloudWatch Alarms. Only available when `streamEnabled = true`. */ streamLabel?: pulumi.Input; } export interface TableServerSideEncryption { /** * Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK). If `enabled` is `false` then server-side encryption is set to AWS-_owned_ key (shown as `DEFAULT` in the AWS console). Potentially confusingly, if `enabled` is `true` and no `kmsKeyArn` is specified then server-side encryption is set to the _default_ KMS-_managed_ key (shown as `KMS` in the AWS console). The [AWS KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) explains the difference between AWS-_owned_ and KMS-_managed_ keys. */ enabled: pulumi.Input; /** * ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys. */ kmsKeyArn?: pulumi.Input; } export interface TableTtl { /** * Name of the table attribute to store the TTL timestamp in. */ attributeName: pulumi.Input; /** * Whether TTL is enabled. */ enabled?: pulumi.Input; } } export namespace ebs { export interface GetEbsVolumesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html). * For example, if matching against the `size` filter, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const tenOrTwentyGbVolumes = aws.ebs.getEbsVolumes({ * filters: [{ * name: "size", * values: [ * "10", * "20", * ], * }], * }); * ``` */ name: string; /** * Set of values that are accepted for the given field. * EBS Volume IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetEbsVolumesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html). * For example, if matching against the `size` filter, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const tenOrTwentyGbVolumes = aws.ebs.getEbsVolumes({ * filters: [{ * name: "size", * values: [ * "10", * "20", * ], * }], * }); * ``` */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * EBS Volume IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetSnapshotFilter { name: string; values: string[]; } export interface GetSnapshotFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetSnapshotIdsFilter { name: string; values: string[]; } export interface GetSnapshotIdsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVolumeFilter { name: string; values: string[]; } export interface GetVolumeFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface SnapshotImportClientData { /** * A user-defined comment about the disk upload. */ comment?: pulumi.Input; /** * The time that the disk upload ends. */ uploadEnd?: pulumi.Input; /** * The size of the uploaded disk image, in GiB. */ uploadSize?: pulumi.Input; /** * The time that the disk upload starts. */ uploadStart?: pulumi.Input; } export interface SnapshotImportDiskContainer { /** * The description of the disk image being imported. */ description?: pulumi.Input; /** * The format of the disk image being imported. One of `VHD` or `VMDK`. */ format: pulumi.Input; /** * The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon S3 URL (s3://..). One of `url` or `userBucket` must be set. */ url?: pulumi.Input; /** * The Amazon S3 bucket for the disk image. One of `url` or `userBucket` must be set. Detailed below. */ userBucket?: pulumi.Input; } export interface SnapshotImportDiskContainerUserBucket { /** * The name of the Amazon S3 bucket where the disk image is located. */ s3Bucket: pulumi.Input; /** * The file name of the disk image. */ s3Key: pulumi.Input; } } export namespace ec2 { export interface AmiCopyEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiCopyEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName?: pulumi.Input; } export interface AmiEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName: pulumi.Input; } export interface AmiFromInstanceEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiFromInstanceEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName?: pulumi.Input; } export interface DefaultNetworkAclEgress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. * * > For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml). */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. * * The following arguments are optional: */ toPort: pulumi.Input; } export interface DefaultNetworkAclIngress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. * * > For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml). */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. * * The following arguments are optional: */ toPort: pulumi.Input; } export interface DefaultRouteTableRoute { /** * The CIDR block of the route. */ cidrBlock?: pulumi.Input; /** * The Amazon Resource Name (ARN) of a core network. */ coreNetworkArn?: pulumi.Input; /** * The ID of a managed prefix list destination of the route. * * One of the following target arguments must be supplied: */ destinationPrefixListId?: pulumi.Input; /** * Identifier of a VPC Egress Only Internet Gateway. */ egressOnlyGatewayId?: pulumi.Input; /** * Identifier of a VPC internet gateway or a virtual private gateway. */ gatewayId?: pulumi.Input; /** * Identifier of an EC2 instance. */ instanceId?: pulumi.Input; /** * The Ipv6 CIDR block of the route */ ipv6CidrBlock?: pulumi.Input; /** * Identifier of a VPC NAT gateway. */ natGatewayId?: pulumi.Input; /** * Identifier of an EC2 network interface. */ networkInterfaceId?: pulumi.Input; /** * Identifier of an EC2 Transit Gateway. */ transitGatewayId?: pulumi.Input; /** * Identifier of a VPC Endpoint. This route must be removed prior to VPC Endpoint deletion. */ vpcEndpointId?: pulumi.Input; /** * Identifier of a VPC peering connection. * * Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified. */ vpcPeeringConnectionId?: pulumi.Input; } export interface DefaultSecurityGroupEgress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of this rule. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp`) */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of prefix list IDs (for allowing access to VPC endpoints) */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of "-1" (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this egress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). */ toPort: pulumi.Input; } export interface DefaultSecurityGroupIngress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of this rule. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp`) */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of prefix list IDs (for allowing access to VPC endpoints) */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of "-1" (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this egress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). */ toPort: pulumi.Input; } export interface FleetFleetInstanceSet { /** * The IDs of the instances. */ instanceIds?: pulumi.Input[]>; /** * Instance type. */ instanceType?: pulumi.Input; /** * Indicates if the instance that was launched is a Spot Instance or On-Demand Instance. */ lifecycle?: pulumi.Input; /** * The value is `Windows` for Windows instances. Otherwise, the value is blank. */ platform?: pulumi.Input; } export interface FleetLaunchTemplateConfig { /** * Nested argument containing EC2 Launch Template to use. Defined below. */ launchTemplateSpecification?: pulumi.Input; /** * Nested argument(s) containing parameters to override the same parameters in the Launch Template. Defined below. */ overrides?: pulumi.Input[]>; } export interface FleetLaunchTemplateConfigLaunchTemplateSpecification { /** * The ID of the launch template. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. */ launchTemplateName?: pulumi.Input; /** * The launch template version number, `$Latest`, or `$Default.` */ version: pulumi.Input; } export interface FleetLaunchTemplateConfigOverride { /** * Availability Zone in which to launch the instances. */ availabilityZone?: pulumi.Input; /** * Override the instance type in the Launch Template with instance types that satisfy the requirements. */ instanceRequirements?: pulumi.Input; /** * Instance type. */ instanceType?: pulumi.Input; /** * Maximum price per unit hour that you are willing to pay for a Spot Instance. */ maxPrice?: pulumi.Input; /** * Priority for the launch template override. If `onDemandOptions` `allocationStrategy` is set to `prioritized`, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. Valid values are whole numbers starting at 0. */ priority?: pulumi.Input; /** * ID of the subnet in which to launch the instances. */ subnetId?: pulumi.Input; /** * Number of units provided by the specified instance type. */ weightedCapacity?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum limits. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * The accelerator types that must be on the instance type. Default is any accelerator type. */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards,represented by an asterisk (\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. Default is any instance type. * * If you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicates whether burstable performance T instance types are `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include. Default is any manufacturer. * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * If you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Valid values are `current` and `previous`. Default is `current` and `previous` generation instance types. */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Valid values are `hdd` and `ssd`. Default any storage type. */ localStorageTypes?: pulumi.Input[]>; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU, in GiB. Default is no minimum or maximum limits. */ memoryMib: pulumi.Input; /** * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is No minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set `targetCapacityUnitType` to `vcpu` or `memory-mib`, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface FleetOnDemandOptions { /** * The order of the launch template overrides to use in fulfilling On-Demand capacity. Valid values: `lowestPrice`, `prioritized`. Default: `lowestPrice`. */ allocationStrategy?: pulumi.Input; /** * The maximum amount per hour for On-Demand Instances that you're willing to pay. */ maxTotalPrice?: pulumi.Input; /** * The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances. Supported only for fleets of type `instant`. * If you specify `minTargetCapacity`, at least one of the following must be specified: `singleAvailabilityZone` or `singleInstanceType`. */ minTargetCapacity?: pulumi.Input; /** * Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. Supported only for fleets of type `instant`. */ singleAvailabilityZone?: pulumi.Input; /** * Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. Supported only for fleets of type `instant`. */ singleInstanceType?: pulumi.Input; } export interface FleetSpotOptions { /** * How to allocate the target capacity across the Spot pools. Valid values: `diversified`, `lowestPrice`, `capacity-optimized`, `capacity-optimized-prioritized` and `price-capacity-optimized`. Default: `lowestPrice`. */ allocationStrategy?: pulumi.Input; /** * Behavior when a Spot Instance is interrupted. Valid values: `hibernate`, `stop`, `terminate`. Default: `terminate`. */ instanceInterruptionBehavior?: pulumi.Input; /** * Number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot `allocationStrategy` is set to `lowestPrice`. Default: `1`. */ instancePoolsToUseCount?: pulumi.Input; /** * Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below. */ maintenanceStrategies?: pulumi.Input; } export interface FleetSpotOptionsMaintenanceStrategies { /** * Nested argument containing the capacity rebalance for your fleet request. Defined below. */ capacityRebalance?: pulumi.Input; } export interface FleetSpotOptionsMaintenanceStrategiesCapacityRebalance { /** * The replacement strategy to use. Only available for fleets of `type` set to `maintain`. Valid values: `launch`. */ replacementStrategy?: pulumi.Input; terminationDelay?: pulumi.Input; } export interface FleetTargetCapacitySpecification { /** * Default target capacity type. Valid values: `on-demand`, `spot`. */ defaultTargetCapacityType: pulumi.Input; /** * The number of On-Demand units to request. */ onDemandTargetCapacity?: pulumi.Input; /** * The number of Spot units to request. */ spotTargetCapacity?: pulumi.Input; /** * The unit for the target capacity. * If you specify `targetCapacityUnitType`, `instanceRequirements` must be specified. */ targetCapacityUnitType?: pulumi.Input; /** * The number of units to request, filled using `defaultTargetCapacityType`. */ totalTargetCapacity: pulumi.Input; } export interface FlowLogDestinationOptions { /** * The format for the flow log. Default value: `plain-text`. Valid values: `plain-text`, `parquet`. */ fileFormat?: pulumi.Input; /** * Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. Default value: `false`. */ hiveCompatiblePartitions?: pulumi.Input; /** * Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. Default value: `false`. */ perHourPartition?: pulumi.Input; } export interface GetAmiFilter { /** * Name of the AMI that was provided during image creation. */ name: string; values: string[]; } export interface GetAmiFilterArgs { /** * Name of the AMI that was provided during image creation. */ name: pulumi.Input; values: pulumi.Input[]>; } export interface GetAmiIdsFilter { name: string; values: string[]; } export interface GetAmiIdsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetCoipPoolFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: string; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: string[]; } export interface GetCoipPoolFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetCoipPoolsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: string; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: string[]; } export interface GetCoipPoolsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetCustomerGatewayFilter { name: string; values: string[]; } export interface GetCustomerGatewayFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetDedicatedHostFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html). */ name: string; /** * Set of values that are accepted for the given field. A host will be selected if any one of the given values matches. */ values: string[]; } export interface GetDedicatedHostFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A host will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetEipsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html). */ name: string; /** * Set of values that are accepted for the given field. An Elastic IP will be selected if any one of the given values matches. */ values: string[]; } export interface GetEipsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. An Elastic IP will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetElasticIpFilter { name: string; values: string[]; } export interface GetElasticIpFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInstanceFilter { name: string; values: string[]; } export interface GetInstanceFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInstanceTypeOfferingFilter { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypeOfferingFilterArgs { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstanceTypeOfferingsFilter { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypeOfferingsFilterArgs { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstanceTypesFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypesFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstancesFilter { name: string; values: string[]; } export interface GetInstancesFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInternetGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * An Internet Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetInternetGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * An Internet Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetKeyPairFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeKeyPairs API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetKeyPairFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeKeyPairs API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetLaunchTemplateFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetLaunchTemplateFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayRouteTableFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A local gateway route table will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayRouteTableFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A local gateway route table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceGroupFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceGroupFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceGroupsFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceGroupsFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewaysFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewaysFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetManagedPrefixListFilter { /** * Name of the filter field. Valid values can be found in the EC2 [DescribeManagedPrefixLists](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetManagedPrefixListFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [DescribeManagedPrefixLists](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetManagedPrefixListsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html). */ name: string; /** * Set of values that are accepted for the given field. * A managed prefix list will be selected if any one of the given values matches. */ values: string[]; } export interface GetManagedPrefixListsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A managed prefix list will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNatGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * An Nat Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetNatGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * An Nat Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNatGatewaysFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Nat Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetNatGatewaysFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Nat Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNetworkAclsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetNetworkAclsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNetworkInsightsAnalysisFilter { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetNetworkInsightsAnalysisFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetNetworkInsightsPathFilter { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsPaths`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetNetworkInsightsPathFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsPaths`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetNetworkInterfaceFilter { name: string; values: string[]; } export interface GetNetworkInterfaceFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetNetworkInterfacesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html). */ name: string; /** * Set of values that are accepted for the given field. */ values: string[]; } export interface GetNetworkInterfacesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. */ values: pulumi.Input[]>; } export interface GetPrefixListFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetPrefixListFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetPublicIpv4PoolsFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html). */ name: string; /** * Set of values that are accepted for the given field. Pool IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetPublicIpv4PoolsFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. Pool IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetRouteTableFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. A Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTableFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSecurityGroupFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html). */ name: string; /** * Set of values that are accepted for the given field. * A Security Group will be selected if any one of the given values matches. */ values: string[]; } export interface GetSecurityGroupFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Security Group will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSecurityGroupsFilter { name: string; values: string[]; } export interface GetSecurityGroupsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetSpotPriceFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetSpotPriceFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetSubnetFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). */ name: string; /** * Set of values that are accepted for the given field. A subnet will be selected if any one of the given values matches. */ values: string[]; } export interface GetSubnetFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A subnet will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSubnetsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). * For example, if matching against tag `Name`, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const selected = aws.ec2.getSubnets({ * filters: [{ * name: "tag:Name", * values: [""], * }], * }); * ``` */ name: string; /** * Set of values that are accepted for the given field. * Subnet IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetSubnetsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). * For example, if matching against tag `Name`, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const selected = aws.ec2.getSubnets({ * filters: [{ * name: "tag:Name", * values: [""], * }], * }); * ``` */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * Subnet IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetTransitGatewayRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetTransitGatewayRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcDhcpOptionsFilter { /** * Name of the field to filter. */ name: string; /** * Set of values for filtering. */ values: string[]; } export interface GetVpcDhcpOptionsFilterArgs { /** * Name of the field to filter. */ name: pulumi.Input; /** * Set of values for filtering. */ values: pulumi.Input[]>; } export interface GetVpcEndpointFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Endpoint will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcEndpointFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Endpoint will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcEndpointServiceFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetVpcEndpointServiceFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetVpcFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcIamPoolCidrsFilter { name: string; values: string[]; } export interface GetVpcIamPoolCidrsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVpcIamPoolFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIamPoolFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIamPoolsFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIamPoolsFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIpamPoolCidrsFilter { name: string; values: string[]; } export interface GetVpcIpamPoolCidrsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVpcIpamPoolFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIpamPoolFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIpamPoolsFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIpamPoolsFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcPeeringConnectionFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcPeeringConnectionFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcPeeringConnectionsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcPeeringConnectionsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpnGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPN Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpnGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPN Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface InstanceCapacityReservationSpecification { /** * Indicates the instance's Capacity Reservation preferences. Can be `"open"` or `"none"`. (Default: `"open"`). */ capacityReservationPreference?: pulumi.Input; /** * Information about the target Capacity Reservation. See Capacity Reservation Target below for more details. * * For more information, see the documentation on [Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html). */ capacityReservationTarget?: pulumi.Input; } export interface InstanceCapacityReservationSpecificationCapacityReservationTarget { /** * ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } export interface InstanceCpuOptions { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`. */ amdSevSnp?: pulumi.Input; /** * Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API. */ coreCount?: pulumi.Input; /** * If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information. * * For more information, see the documentation on [Optimizing CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html). */ threadsPerCore?: pulumi.Input; } export interface InstanceCreditSpecification { /** * Credit option for CPU usage. Valid values include `standard` or `unlimited`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default. */ cpuCredits?: pulumi.Input; } export interface InstanceEbsBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Name of the device to mount. */ deviceName: pulumi.Input; /** * Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. Defaults to `false`. Cannot be used with `snapshotId`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Snapshot ID to mount. */ snapshotId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`. */ volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`. * * > **NOTE:** Currently, changes to the `ebsBlockDevice` configuration of _existing_ resources cannot be automatically detected by this provider. To manage changes and attachments of an EBS block to an instance, use the `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources instead. If you use `ebsBlockDevice` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, treating additional block devices as drift. For this reason, `ebsBlockDevice` cannot be mixed with external `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources for a given instance. */ volumeType?: pulumi.Input; } export interface InstanceEnclaveOptions { /** * Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`. * * For more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html). */ enabled?: pulumi.Input; } export interface InstanceEphemeralBlockDevice { /** * Name of the block device to mount on the instance. */ deviceName: pulumi.Input; /** * Suppresses the specified device included in the AMI's block device mapping. */ noDevice?: pulumi.Input; /** * [Instance Store Device Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`). * * Each AWS Instance type has a different set of Instance Store block devices available for attachment. AWS [publishes a list](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes) of which ephemeral devices are available on each type. The devices are always identified by the `virtualName` in the format `ephemeral{0..N}`. */ virtualName?: pulumi.Input; } export interface InstanceInstanceMarketOptions { /** * Type of market for the instance. Valid value is `spot`. Defaults to `spot`. */ marketType?: pulumi.Input; /** * Block to configure the options for Spot Instances. See Spot Options below for details on attributes. */ spotOptions?: pulumi.Input; } export interface InstanceInstanceMarketOptionsSpotOptions { /** * The behavior when a Spot Instance is interrupted. Valid values include `hibernate`, `stop`, `terminate` . The default is `terminate`. */ instanceInterruptionBehavior?: pulumi.Input; /** * The maximum hourly price that you're willing to pay for a Spot Instance. */ maxPrice?: pulumi.Input; /** * The Spot Instance request type. Valid values include `one-time`, `persistent`. Persistent Spot Instance requests are only supported when the instance interruption behavior is either hibernate or stop. The default is `one-time`. */ spotInstanceType?: pulumi.Input; /** * The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests. */ validUntil?: pulumi.Input; } export interface InstanceLaunchTemplate { /** * ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Can be a specific version number, `$Latest` or `$Default`. The default value is `$Default`. */ version?: pulumi.Input; } export interface InstanceMaintenanceOptions { /** * Automatic recovery behavior of the Instance. Can be `"default"` or `"disabled"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details. */ autoRecovery?: pulumi.Input; } export interface InstanceMetadataOptions { /** * Whether the metadata service is available. Valid values include `enabled` or `disabled`. Defaults to `enabled`. */ httpEndpoint?: pulumi.Input; /** * Whether the IPv6 endpoint for the instance metadata service is enabled. Defaults to `disabled`. */ httpProtocolIpv6?: pulumi.Input; /** * Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from `1` to `64`. Defaults to `1`. */ httpPutResponseHopLimit?: pulumi.Input; /** * Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Valid values include `optional` or `required`. Defaults to `optional`. */ httpTokens?: pulumi.Input; /** * Enables or disables access to instance tags from the instance metadata service. Valid values include `enabled` or `disabled`. Defaults to `disabled`. * * For more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). */ instanceMetadataTags?: pulumi.Input; } export interface InstanceNetworkInterface { /** * Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance. */ deleteOnTermination?: pulumi.Input; /** * Integer index of the network interface attachment. Limited by instance type. */ deviceIndex: pulumi.Input; /** * Integer index of the network card. Limited by instance type. The default index is `0`. */ networkCardIndex?: pulumi.Input; /** * ID of the network interface to attach. */ networkInterfaceId: pulumi.Input; } export interface InstancePrivateDnsNameOptions { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * Type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`. */ hostnameType?: pulumi.Input; } export interface InstanceRootBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Name of the device to mount. */ deviceName?: pulumi.Input; /** * Whether to enable volume encryption. Defaults to `false`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`. */ volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`. * * Modifying the `encrypted` or `kmsKeyId` settings of the `rootBlockDevice` requires resource replacement. */ volumeType?: pulumi.Input; } export interface LaunchConfigurationEbsBlockDevice { deleteOnTermination?: pulumi.Input; deviceName: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; noDevice?: pulumi.Input; snapshotId?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface LaunchConfigurationEphemeralBlockDevice { deviceName: pulumi.Input; noDevice?: pulumi.Input; virtualName?: pulumi.Input; } export interface LaunchConfigurationMetadataOptions { /** * The state of the metadata service: `enabled`, `disabled`. */ httpEndpoint?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. */ httpPutResponseHopLimit?: pulumi.Input; /** * If session tokens are required: `optional`, `required`. */ httpTokens?: pulumi.Input; } export interface LaunchConfigurationRootBlockDevice { deleteOnTermination?: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface LaunchTemplateBlockDeviceMapping { /** * The name of the device to mount. */ deviceName?: pulumi.Input; /** * Configure EBS volume properties. */ ebs?: pulumi.Input; /** * Suppresses the specified device included in the AMI's block device mapping. */ noDevice?: pulumi.Input; /** * The [Instance Store Device * Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) * (e.g., `"ephemeral0"`). */ virtualName?: pulumi.Input; } export interface LaunchTemplateBlockDeviceMappingEbs { /** * Whether the volume should be destroyed on instance termination. * See [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) for more information. */ deleteOnTermination?: pulumi.Input; /** * Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. * Cannot be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * The amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). * This must be set with a `volumeType` of `"io1/io2/gp3"`. */ iops?: pulumi.Input; /** * The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. * `encrypted` must be set to `true` when this is set. */ kmsKeyId?: pulumi.Input; /** * The Snapshot ID to mount. */ snapshotId?: pulumi.Input; /** * The throughput to provision for a `gp3` volume in MiB/s (specified as an integer, e.g., 500), with a maximum of 1,000 MiB/s. */ throughput?: pulumi.Input; /** * The size of the volume in gigabytes. */ volumeSize?: pulumi.Input; /** * The volume type. * Can be one of `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1`. */ volumeType?: pulumi.Input; } export interface LaunchTemplateCapacityReservationSpecification { /** * Indicates the instance's Capacity Reservation preferences. Can be `open` or `none`. (Default `none`). */ capacityReservationPreference?: pulumi.Input; /** * Used to target a specific Capacity Reservation: */ capacityReservationTarget?: pulumi.Input; } export interface LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget { /** * The ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * The ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } export interface LaunchTemplateCpuOptions { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`. */ amdSevSnp?: pulumi.Input; /** * The number of CPU cores for the instance. */ coreCount?: pulumi.Input; /** * The number of threads per CPU core. * To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. * Otherwise, specify the default value of 2. * * Both number of CPU cores and threads per core must be specified. Valid number of CPU cores and threads per core for the instance type can be found in the [CPU Options Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html?shortFooter=true#cpu-options-supported-instances-values) */ threadsPerCore?: pulumi.Input; } export interface LaunchTemplateCreditSpecification { /** * The credit option for CPU usage. * Can be `standard` or `unlimited`. * T3 instances are launched as `unlimited` by default. * T2 instances are launched as `standard` by default. */ cpuCredits?: pulumi.Input; } export interface LaunchTemplateElasticGpuSpecification { /** * The [Elastic GPU Type](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-gpus.html#elastic-gpus-basics) */ type: pulumi.Input; } export interface LaunchTemplateElasticInferenceAccelerator { /** * Accelerator type. */ type: pulumi.Input; } export interface LaunchTemplateEnclaveOptions { /** * If set to `true`, Nitro Enclaves will be enabled on the instance. * * For more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html). */ enabled?: pulumi.Input; } export interface LaunchTemplateHibernationOptions { /** * If set to `true`, the launched EC2 instance will hibernation enabled. */ configured: pulumi.Input; } export interface LaunchTemplateIamInstanceProfile { /** * The Amazon Resource Name (ARN) of the instance profile. */ arn?: pulumi.Input; /** * The name of the instance profile. */ name?: pulumi.Input; } export interface LaunchTemplateInstanceMarketOptions { /** * The market type. Can be `spot`. */ marketType?: pulumi.Input; /** * The options for [Spot Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html) */ spotOptions?: pulumi.Input; } export interface LaunchTemplateInstanceMarketOptionsSpotOptions { /** * The required duration in minutes. This value must be a multiple of 60. */ blockDurationMinutes?: pulumi.Input; /** * The behavior when a Spot Instance is interrupted. Can be `hibernate`, * `stop`, or `terminate`. (Default: `terminate`). */ instanceInterruptionBehavior?: pulumi.Input; /** * The maximum hourly price you're willing to pay for the Spot Instances. */ maxPrice?: pulumi.Input; /** * The Spot Instance request type. Can be `one-time`, or `persistent`. */ spotInstanceType?: pulumi.Input; /** * The end date of the request. */ validUntil?: pulumi.Input; } export interface LaunchTemplateInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * List of accelerator types. Default is any accelerator type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorTypes?: pulumi.Input[]>; /** * List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types. * * > **NOTE:** If you specify `allowedInstanceTypes`, you can't specify `excludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * List of CPU manufacturer names. Default is any manufacturer. * * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ cpuManufacturers?: pulumi.Input[]>; /** * List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * > **NOTE:** If you specify `excludedInstanceTypes`, you can't specify `allowedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * List of instance generation names. Default is any generation. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Default any storage type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ localStorageTypes?: pulumi.Input[]>; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (MiB). Default is no maximum. */ memoryMib: pulumi.Input; /** * Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsMemoryGibPerVcpu { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsNetworkBandwidthGbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsNetworkInterfaceCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsTotalLocalStorageGb { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsVcpuCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface LaunchTemplateLicenseSpecification { /** * ARN of the license configuration. */ licenseConfigurationArn: pulumi.Input; } export interface LaunchTemplateMaintenanceOptions { /** * Disables the automatic recovery behavior of your instance or sets it to default. Can be `"default"` or `"disabled"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details. */ autoRecovery?: pulumi.Input; } export interface LaunchTemplateMetadataOptions { /** * Whether the metadata service is available. Can be `"enabled"` or `"disabled"`. (Default: `"enabled"`). */ httpEndpoint?: pulumi.Input; /** * Enables or disables the IPv6 endpoint for the instance metadata service. Can be `"enabled"` or `"disabled"`. */ httpProtocolIpv6?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`). */ httpPutResponseHopLimit?: pulumi.Input; /** * Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `"optional"` or `"required"`. (Default: `"optional"`). */ httpTokens?: pulumi.Input; /** * Enables or disables access to instance tags from the instance metadata service. Can be `"enabled"` or `"disabled"`. * * For more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). */ instanceMetadataTags?: pulumi.Input; } export interface LaunchTemplateMonitoring { /** * If `true`, the launched EC2 instance will have detailed monitoring enabled. */ enabled?: pulumi.Input; } export interface LaunchTemplateNetworkInterface { /** * Associate a Carrier IP address with `eth0` for a new network interface. * Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. * Boolean value, can be left unset. */ associateCarrierIpAddress?: pulumi.Input; /** * Associate a public ip address with the network interface. * Boolean value, can be left unset. */ associatePublicIpAddress?: pulumi.Input; /** * Whether the network interface should be destroyed on instance termination. */ deleteOnTermination?: pulumi.Input; /** * Description of the network interface. */ description?: pulumi.Input; /** * The integer index of the network interface attachment. */ deviceIndex?: pulumi.Input; /** * The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa`. */ interfaceType?: pulumi.Input; /** * The number of secondary private IPv4 addresses to assign to a network interface. Conflicts with `ipv4Addresses` */ ipv4AddressCount?: pulumi.Input; /** * One or more private IPv4 addresses to associate. Conflicts with `ipv4AddressCount` */ ipv4Addresses?: pulumi.Input[]>; /** * The number of IPv4 prefixes to be automatically assigned to the network interface. Conflicts with `ipv4Prefixes` */ ipv4PrefixCount?: pulumi.Input; /** * One or more IPv4 prefixes to be assigned to the network interface. Conflicts with `ipv4PrefixCount` */ ipv4Prefixes?: pulumi.Input[]>; /** * The number of IPv6 addresses to assign to a network interface. Conflicts with `ipv6Addresses` */ ipv6AddressCount?: pulumi.Input; /** * One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Conflicts with `ipv6AddressCount` */ ipv6Addresses?: pulumi.Input[]>; /** * The number of IPv6 prefixes to be automatically assigned to the network interface. Conflicts with `ipv6Prefixes` */ ipv6PrefixCount?: pulumi.Input; /** * One or more IPv6 prefixes to be assigned to the network interface. Conflicts with `ipv6PrefixCount` */ ipv6Prefixes?: pulumi.Input[]>; /** * The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0. */ networkCardIndex?: pulumi.Input; /** * The ID of the network interface to attach. */ networkInterfaceId?: pulumi.Input; /** * The primary private IPv4 address. */ privateIpAddress?: pulumi.Input; /** * A list of security group IDs to associate. */ securityGroups?: pulumi.Input[]>; /** * The VPC Subnet ID to associate. */ subnetId?: pulumi.Input; } export interface LaunchTemplatePlacement { /** * The affinity setting for an instance on a Dedicated Host. */ affinity?: pulumi.Input; /** * The Availability Zone for the instance. */ availabilityZone?: pulumi.Input; /** * The name of the placement group for the instance. */ groupName?: pulumi.Input; /** * The ID of the Dedicated Host for the instance. */ hostId?: pulumi.Input; /** * The ARN of the Host Resource Group in which to launch instances. */ hostResourceGroupArn?: pulumi.Input; /** * The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition. */ partitionNumber?: pulumi.Input; /** * Reserved for future use. */ spreadDomain?: pulumi.Input; /** * The tenancy of the instance (if the instance is running in a VPC). Can be `default`, `dedicated`, or `host`. */ tenancy?: pulumi.Input; } export interface LaunchTemplatePrivateDnsNameOptions { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * The type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`. */ hostnameType?: pulumi.Input; } export interface LaunchTemplateTagSpecification { /** * The type of resource to tag. */ resourceType?: pulumi.Input; /** * A map of tags to assign to the resource. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ManagedPrefixListEntry { /** * CIDR block of this entry. */ cidr: pulumi.Input; /** * Description of this entry. Due to API limitations, updating only the description of an existing entry requires temporarily removing and re-adding the entry. */ description?: pulumi.Input; } export interface NetworkAclEgress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a * valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. * * > Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' * protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. */ toPort: pulumi.Input; } export interface NetworkAclIngress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a * valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. * * > Note: For more information on ICMP types and codes, see here: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' * protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. */ toPort: pulumi.Input; } export interface NetworkInsightsAnalysisAlternatePathHint { /** * The Amazon Resource Name (ARN) of the component. */ componentArn?: pulumi.Input; /** * The ID of the component. */ componentId?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanation { aclRules?: pulumi.Input[]>; acls?: pulumi.Input[]>; address?: pulumi.Input; addresses?: pulumi.Input[]>; attachedTos?: pulumi.Input[]>; availabilityZones?: pulumi.Input[]>; cidrs?: pulumi.Input[]>; classicLoadBalancerListeners?: pulumi.Input[]>; components?: pulumi.Input[]>; customerGateways?: pulumi.Input[]>; destinationVpcs?: pulumi.Input[]>; destinations?: pulumi.Input[]>; direction?: pulumi.Input; elasticLoadBalancerListeners?: pulumi.Input[]>; explanationCode?: pulumi.Input; ingressRouteTables?: pulumi.Input[]>; internetGateways?: pulumi.Input[]>; loadBalancerArn?: pulumi.Input; loadBalancerListenerPort?: pulumi.Input; loadBalancerTargetGroup?: pulumi.Input[]>; loadBalancerTargetGroups?: pulumi.Input[]>; loadBalancerTargetPort?: pulumi.Input; missingComponent?: pulumi.Input; natGateways?: pulumi.Input[]>; networkInterfaces?: pulumi.Input[]>; packetField?: pulumi.Input; port?: pulumi.Input; portRanges?: pulumi.Input[]>; prefixLists?: pulumi.Input[]>; protocols?: pulumi.Input[]>; routeTableRoutes?: pulumi.Input[]>; routeTables?: pulumi.Input[]>; securityGroup?: pulumi.Input[]>; securityGroupRules?: pulumi.Input[]>; securityGroups?: pulumi.Input[]>; sourceVpcs?: pulumi.Input[]>; state?: pulumi.Input; subnetRouteTables?: pulumi.Input[]>; subnets?: pulumi.Input[]>; transitGatewayAttachments?: pulumi.Input[]>; transitGatewayRouteTableRoutes?: pulumi.Input[]>; transitGatewayRouteTables?: pulumi.Input[]>; transitGateways?: pulumi.Input[]>; vpcEndpoints?: pulumi.Input[]>; vpcPeeringConnections?: pulumi.Input[]>; vpcs?: pulumi.Input[]>; vpnConnections?: pulumi.Input[]>; vpnGateways?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisExplanationAcl { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationAclRule { cidr?: pulumi.Input; egress?: pulumi.Input; portRanges?: pulumi.Input[]>; protocol?: pulumi.Input; ruleAction?: pulumi.Input; ruleNumber?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationAclRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationAttachedTo { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationClassicLoadBalancerListener { instancePort?: pulumi.Input; loadBalancerPort?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationComponent { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationCustomerGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationDestination { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationDestinationVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationElasticLoadBalancerListener { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationIngressRouteTable { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationInternetGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationLoadBalancerTargetGroup { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationNatGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationNetworkInterface { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationPortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationPrefixList { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationRouteTable { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationRouteTableRoute { destinationCidr?: pulumi.Input; destinationPrefixListId?: pulumi.Input; egressOnlyInternetGatewayId?: pulumi.Input; gatewayId?: pulumi.Input; instanceId?: pulumi.Input; natGatewayId?: pulumi.Input; networkInterfaceId?: pulumi.Input; origin?: pulumi.Input; transitGatewayId?: pulumi.Input; vpcPeeringConnectionId?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSecurityGroup { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSecurityGroupRule { cidr?: pulumi.Input; direction?: pulumi.Input; portRanges?: pulumi.Input[]>; prefixListId?: pulumi.Input; protocol?: pulumi.Input; securityGroupId?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSecurityGroupRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSourceVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSubnet { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationSubnetRouteTable { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationTransitGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationTransitGatewayAttachment { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationTransitGatewayRouteTable { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationTransitGatewayRouteTableRoute { attachmentId?: pulumi.Input; destinationCidr?: pulumi.Input; prefixListId?: pulumi.Input; resourceId?: pulumi.Input; resourceType?: pulumi.Input; routeOrigin?: pulumi.Input; state?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationVpcEndpoint { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationVpcPeeringConnection { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationVpnConnection { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisExplanationVpnGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponent { aclRules?: pulumi.Input[]>; additionalDetails?: pulumi.Input[]>; attachedTos?: pulumi.Input[]>; components?: pulumi.Input[]>; destinationVpcs?: pulumi.Input[]>; inboundHeaders?: pulumi.Input[]>; outboundHeaders?: pulumi.Input[]>; routeTableRoutes?: pulumi.Input[]>; securityGroupRules?: pulumi.Input[]>; sequenceNumber?: pulumi.Input; sourceVpcs?: pulumi.Input[]>; subnets?: pulumi.Input[]>; transitGatewayRouteTableRoutes?: pulumi.Input[]>; transitGateways?: pulumi.Input[]>; vpcs?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisForwardPathComponentAclRule { cidr?: pulumi.Input; egress?: pulumi.Input; portRanges?: pulumi.Input[]>; protocol?: pulumi.Input; ruleAction?: pulumi.Input; ruleNumber?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentAclRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentAdditionalDetail { additionalDetailType?: pulumi.Input; components?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisForwardPathComponentAdditionalDetailComponent { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentAttachedTo { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentComponent { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentDestinationVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentInboundHeader { destinationAddresses?: pulumi.Input[]>; destinationPortRanges?: pulumi.Input[]>; protocol?: pulumi.Input; sourceAddresses?: pulumi.Input[]>; sourcePortRanges?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisForwardPathComponentInboundHeaderDestinationPortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentInboundHeaderSourcePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentOutboundHeader { destinationAddresses?: pulumi.Input[]>; destinationPortRanges?: pulumi.Input[]>; protocol?: pulumi.Input; sourceAddresses?: pulumi.Input[]>; sourcePortRanges?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisForwardPathComponentOutboundHeaderDestinationPortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentOutboundHeaderSourcePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentRouteTableRoute { destinationCidr?: pulumi.Input; destinationPrefixListId?: pulumi.Input; egressOnlyInternetGatewayId?: pulumi.Input; gatewayId?: pulumi.Input; instanceId?: pulumi.Input; natGatewayId?: pulumi.Input; networkInterfaceId?: pulumi.Input; origin?: pulumi.Input; transitGatewayId?: pulumi.Input; vpcPeeringConnectionId?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentSecurityGroupRule { cidr?: pulumi.Input; direction?: pulumi.Input; portRanges?: pulumi.Input[]>; prefixListId?: pulumi.Input; protocol?: pulumi.Input; securityGroupId?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentSecurityGroupRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentSourceVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentSubnet { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentTransitGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentTransitGatewayRouteTableRoute { attachmentId?: pulumi.Input; destinationCidr?: pulumi.Input; prefixListId?: pulumi.Input; resourceId?: pulumi.Input; resourceType?: pulumi.Input; routeOrigin?: pulumi.Input; state?: pulumi.Input; } export interface NetworkInsightsAnalysisForwardPathComponentVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponent { aclRules?: pulumi.Input[]>; additionalDetails?: pulumi.Input[]>; attachedTos?: pulumi.Input[]>; components?: pulumi.Input[]>; destinationVpcs?: pulumi.Input[]>; inboundHeaders?: pulumi.Input[]>; outboundHeaders?: pulumi.Input[]>; routeTableRoutes?: pulumi.Input[]>; securityGroupRules?: pulumi.Input[]>; sequenceNumber?: pulumi.Input; sourceVpcs?: pulumi.Input[]>; subnets?: pulumi.Input[]>; transitGatewayRouteTableRoutes?: pulumi.Input[]>; transitGateways?: pulumi.Input[]>; vpcs?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisReturnPathComponentAclRule { cidr?: pulumi.Input; egress?: pulumi.Input; portRanges?: pulumi.Input[]>; protocol?: pulumi.Input; ruleAction?: pulumi.Input; ruleNumber?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentAclRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentAdditionalDetail { additionalDetailType?: pulumi.Input; components?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisReturnPathComponentAdditionalDetailComponent { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentAttachedTo { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentComponent { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentDestinationVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentInboundHeader { destinationAddresses?: pulumi.Input[]>; destinationPortRanges?: pulumi.Input[]>; protocol?: pulumi.Input; sourceAddresses?: pulumi.Input[]>; sourcePortRanges?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisReturnPathComponentInboundHeaderDestinationPortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentInboundHeaderSourcePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentOutboundHeader { destinationAddresses?: pulumi.Input[]>; destinationPortRanges?: pulumi.Input[]>; protocol?: pulumi.Input; sourceAddresses?: pulumi.Input[]>; sourcePortRanges?: pulumi.Input[]>; } export interface NetworkInsightsAnalysisReturnPathComponentOutboundHeaderDestinationPortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentOutboundHeaderSourcePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentRouteTableRoute { destinationCidr?: pulumi.Input; destinationPrefixListId?: pulumi.Input; egressOnlyInternetGatewayId?: pulumi.Input; gatewayId?: pulumi.Input; instanceId?: pulumi.Input; natGatewayId?: pulumi.Input; networkInterfaceId?: pulumi.Input; origin?: pulumi.Input; transitGatewayId?: pulumi.Input; vpcPeeringConnectionId?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentSecurityGroupRule { cidr?: pulumi.Input; direction?: pulumi.Input; portRanges?: pulumi.Input[]>; prefixListId?: pulumi.Input; protocol?: pulumi.Input; securityGroupId?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentSecurityGroupRulePortRange { from?: pulumi.Input; to?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentSourceVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentSubnet { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentTransitGateway { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentTransitGatewayRouteTableRoute { attachmentId?: pulumi.Input; destinationCidr?: pulumi.Input; prefixListId?: pulumi.Input; resourceId?: pulumi.Input; resourceType?: pulumi.Input; routeOrigin?: pulumi.Input; state?: pulumi.Input; } export interface NetworkInsightsAnalysisReturnPathComponentVpc { /** * ARN of the Network Insights Analysis. */ arn?: pulumi.Input; /** * ID of the Network Insights Analysis. */ id?: pulumi.Input; name?: pulumi.Input; } export interface NetworkInterfaceAttachment { attachmentId?: pulumi.Input; /** * Integer to define the devices index. */ deviceIndex: pulumi.Input; /** * ID of the instance to attach to. */ instance: pulumi.Input; } export interface PeeringConnectionOptionsAccepter { /** * Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface PeeringConnectionOptionsRequester { /** * Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface RouteTableRoute { /** * Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone. */ carrierGatewayId?: pulumi.Input; /** * The CIDR block of the route. */ cidrBlock?: pulumi.Input; /** * The Amazon Resource Name (ARN) of a core network. */ coreNetworkArn?: pulumi.Input; /** * The ID of a managed prefix list destination of the route. * * One of the following target arguments must be supplied: */ destinationPrefixListId?: pulumi.Input; /** * Identifier of a VPC Egress Only Internet Gateway. */ egressOnlyGatewayId?: pulumi.Input; /** * Identifier of a VPC internet gateway, virtual private gateway, or `local`. `local` routes cannot be created but can be adopted or imported. See the example above. */ gatewayId?: pulumi.Input; /** * The Ipv6 CIDR block of the route. */ ipv6CidrBlock?: pulumi.Input; /** * Identifier of a Outpost local gateway. */ localGatewayId?: pulumi.Input; /** * Identifier of a VPC NAT gateway. */ natGatewayId?: pulumi.Input; /** * Identifier of an EC2 network interface. */ networkInterfaceId?: pulumi.Input; /** * Identifier of an EC2 Transit Gateway. */ transitGatewayId?: pulumi.Input; /** * Identifier of a VPC Endpoint. */ vpcEndpointId?: pulumi.Input; /** * Identifier of a VPC peering connection. * * Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified. */ vpcPeeringConnectionId?: pulumi.Input; } export interface SecurityGroupEgress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of this egress rule. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp`) */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of Prefix List IDs. */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of `-1` (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to 0. The supported values are defined in the `IpProtocol` argument in the [IpPermission](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IpPermission.html) API reference. */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this egress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). * * The following arguments are optional: * * > **Note** Although `cidrBlocks`, `ipv6CidrBlocks`, `prefixListIds`, and `securityGroups` are all marked as optional, you _must_ provide one of them in order to configure the destination of the traffic. */ toPort: pulumi.Input; } export interface SecurityGroupIngress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of this ingress rule. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp` or `icmpv6`). */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of Prefix List IDs. */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of `-1` (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to 0. The supported values are defined in the `IpProtocol` argument on the [IpPermission](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IpPermission.html) API reference. * * The following arguments are optional: * * > **Note** Although `cidrBlocks`, `ipv6CidrBlocks`, `prefixListIds`, and `securityGroups` are all marked as optional, you _must_ provide one of them in order to configure the source of the traffic. */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this ingress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). */ toPort: pulumi.Input; } export interface SpotFleetRequestLaunchSpecification { ami: pulumi.Input; associatePublicIpAddress?: pulumi.Input; /** * The availability zone in which to place the request. */ availabilityZone?: pulumi.Input; ebsBlockDevices?: pulumi.Input[]>; ebsOptimized?: pulumi.Input; ephemeralBlockDevices?: pulumi.Input[]>; iamInstanceProfile?: pulumi.Input; iamInstanceProfileArn?: pulumi.Input; /** * The type of instance to request. */ instanceType: pulumi.Input; keyName?: pulumi.Input; monitoring?: pulumi.Input; placementGroup?: pulumi.Input; placementTenancy?: pulumi.Input; rootBlockDevices?: pulumi.Input[]>; /** * The maximum bid price per unit hour. */ spotPrice?: pulumi.Input; /** * The subnet in which to launch the requested instance. */ subnetId?: pulumi.Input; /** * A map of tags to assign to the resource. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; userData?: pulumi.Input; vpcSecurityGroupIds?: pulumi.Input[]>; /** * The capacity added to the fleet by a fulfilled request. */ weightedCapacity?: pulumi.Input; } export interface SpotFleetRequestLaunchSpecificationEbsBlockDevice { deleteOnTermination?: pulumi.Input; deviceName: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; kmsKeyId?: pulumi.Input; snapshotId?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface SpotFleetRequestLaunchSpecificationEphemeralBlockDevice { deviceName: pulumi.Input; virtualName: pulumi.Input; } export interface SpotFleetRequestLaunchSpecificationRootBlockDevice { deleteOnTermination?: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; kmsKeyId?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfig { /** * Launch template specification. See Launch Template Specification below for more details. */ launchTemplateSpecification: pulumi.Input; /** * One or more override configurations. See Overrides below for more details. */ overrides?: pulumi.Input[]>; } export interface SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecification { /** * The ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * The name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Unlike the autoscaling equivalent, does not support `$Latest` or `$Default`, so use the launchTemplate resource's attribute, e.g., `"${aws_launch_template.foo.latest_version}"`. It will use the default version if omitted. * * **Note:** The specified launch template can specify only a subset of the * inputs of `aws.ec2.LaunchTemplate`. There are limitations on * what you can specify as spot fleet does not support all the attributes that are supported by autoscaling groups. [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#launch-templates-spot-fleet) is currently sparse, but at least `instanceInitiatedShutdownBehavior` is confirmed unsupported. */ version?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverride { /** * The availability zone in which to place the request. */ availabilityZone?: pulumi.Input; /** * The instance requirements. See below. */ instanceRequirements?: pulumi.Input; /** * The type of instance to request. */ instanceType?: pulumi.Input; /** * The priority for the launch template override. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. */ priority?: pulumi.Input; /** * The maximum spot bid for this override request. */ spotPrice?: pulumi.Input; /** * The subnet in which to launch the requested instance. */ subnetId?: pulumi.Input; /** * The capacity added to the fleet by a fulfilled request. */ weightedCapacity?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * List of accelerator types. Default is any accelerator type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ acceleratorTypes?: pulumi.Input[]>; /** * List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types. * * > **NOTE:** If you specify `allowedInstanceTypes`, you can't specify `excludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * List of CPU manufacturer names. Default is any manufacturer. * * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ cpuManufacturers?: pulumi.Input[]>; /** * List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * > **NOTE:** If you specify `excludedInstanceTypes`, you can't specify `allowedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * List of instance generation names. Default is any generation. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Default any storage type. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * ``` */ localStorageTypes?: pulumi.Input[]>; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (MiB). Default is no maximum. */ memoryMib?: pulumi.Input; /** * Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface SpotFleetRequestSpotMaintenanceStrategies { /** * Nested argument containing the capacity rebalance for your fleet request. Defined below. */ capacityRebalance?: pulumi.Input; } export interface SpotFleetRequestSpotMaintenanceStrategiesCapacityRebalance { /** * The replacement strategy to use. Only available for spot fleets with `fleetType` set to `maintain`. Valid values: `launch`. */ replacementStrategy?: pulumi.Input; } export interface SpotInstanceRequestCapacityReservationSpecification { /** * Indicates the instance's Capacity Reservation preferences. Can be `"open"` or `"none"`. (Default: `"open"`). */ capacityReservationPreference?: pulumi.Input; /** * Information about the target Capacity Reservation. See Capacity Reservation Target below for more details. * * For more information, see the documentation on [Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html). */ capacityReservationTarget?: pulumi.Input; } export interface SpotInstanceRequestCapacityReservationSpecificationCapacityReservationTarget { /** * ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } export interface SpotInstanceRequestCpuOptions { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`. */ amdSevSnp?: pulumi.Input; /** * Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API. */ coreCount?: pulumi.Input; /** * If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information. * * For more information, see the documentation on [Optimizing CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html). */ threadsPerCore?: pulumi.Input; } export interface SpotInstanceRequestCreditSpecification { /** * Credit option for CPU usage. Valid values include `standard` or `unlimited`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default. */ cpuCredits?: pulumi.Input; } export interface SpotInstanceRequestEbsBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Name of the device to mount. */ deviceName: pulumi.Input; /** * Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. Defaults to `false`. Cannot be used with `snapshotId`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Snapshot ID to mount. */ snapshotId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`. * * > **NOTE:** Currently, changes to the `ebsBlockDevice` configuration of _existing_ resources cannot be automatically detected by this provider. To manage changes and attachments of an EBS block to an instance, use the `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources instead. If you use `ebsBlockDevice` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, treating additional block devices as drift. For this reason, `ebsBlockDevice` cannot be mixed with external `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources for a given instance. */ volumeType?: pulumi.Input; } export interface SpotInstanceRequestEnclaveOptions { /** * Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`. * * For more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html). */ enabled?: pulumi.Input; } export interface SpotInstanceRequestEphemeralBlockDevice { /** * Name of the block device to mount on the instance. */ deviceName: pulumi.Input; /** * Suppresses the specified device included in the AMI's block device mapping. */ noDevice?: pulumi.Input; /** * [Instance Store Device Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`). * * Each AWS Instance type has a different set of Instance Store block devices available for attachment. AWS [publishes a list](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes) of which ephemeral devices are available on each type. The devices are always identified by the `virtualName` in the format `ephemeral{0..N}`. */ virtualName?: pulumi.Input; } export interface SpotInstanceRequestLaunchTemplate { /** * ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Can be a specific version number, `$Latest` or `$Default`. The default value is `$Default`. */ version?: pulumi.Input; } export interface SpotInstanceRequestMaintenanceOptions { /** * Automatic recovery behavior of the Instance. Can be `"default"` or `"disabled"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details. */ autoRecovery?: pulumi.Input; } export interface SpotInstanceRequestMetadataOptions { /** * Whether the metadata service is available. Valid values include `enabled` or `disabled`. Defaults to `enabled`. */ httpEndpoint?: pulumi.Input; /** * Whether the IPv6 endpoint for the instance metadata service is enabled. Defaults to `disabled`. */ httpProtocolIpv6?: pulumi.Input; /** * Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from `1` to `64`. Defaults to `1`. */ httpPutResponseHopLimit?: pulumi.Input; /** * Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Valid values include `optional` or `required`. Defaults to `optional`. */ httpTokens?: pulumi.Input; /** * Enables or disables access to instance tags from the instance metadata service. Valid values include `enabled` or `disabled`. Defaults to `disabled`. * * For more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). */ instanceMetadataTags?: pulumi.Input; } export interface SpotInstanceRequestNetworkInterface { /** * Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance. */ deleteOnTermination?: pulumi.Input; /** * Integer index of the network interface attachment. Limited by instance type. */ deviceIndex: pulumi.Input; /** * Integer index of the network card. Limited by instance type. The default index is `0`. */ networkCardIndex?: pulumi.Input; /** * ID of the network interface to attach. */ networkInterfaceId: pulumi.Input; } export interface SpotInstanceRequestPrivateDnsNameOptions { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * Type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`. */ hostnameType?: pulumi.Input; } export interface SpotInstanceRequestRootBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Name of the device to mount. */ deviceName?: pulumi.Input; /** * Whether to enable volume encryption. Defaults to `false`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`. * * Modifying the `encrypted` or `kmsKeyId` settings of the `rootBlockDevice` requires resource replacement. */ volumeType?: pulumi.Input; } export interface TrafficMirrorFilterRuleDestinationPortRange { /** * Starting port of the range */ fromPort?: pulumi.Input; /** * Ending port of the range */ toPort?: pulumi.Input; } export interface TrafficMirrorFilterRuleSourcePortRange { /** * Starting port of the range */ fromPort?: pulumi.Input; /** * Ending port of the range */ toPort?: pulumi.Input; } export interface VpcEndpointDnsEntry { /** * The DNS name. */ dnsName?: pulumi.Input; /** * The ID of the private hosted zone. */ hostedZoneId?: pulumi.Input; } export interface VpcEndpointDnsOptions { /** * The DNS records created for the endpoint. Valid values are `ipv4`, `dualstack`, `service-defined`, and `ipv6`. */ dnsRecordIpType?: pulumi.Input; /** * Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is `false`. Can only be specified if privateDnsEnabled is `true`. */ privateDnsOnlyForInboundResolverEndpoint?: pulumi.Input; } export interface VpcEndpointServicePrivateDnsNameConfiguration { /** * Name of the record subdomain the service provider needs to create. */ name?: pulumi.Input; /** * Verification state of the VPC endpoint service. Consumers of the endpoint service can use the private name only when the state is `verified`. */ state?: pulumi.Input; /** * Endpoint service verification type, for example `TXT`. */ type?: pulumi.Input; /** * Value the service provider adds to the private DNS name domain record before verification. */ value?: pulumi.Input; } export interface VpcIpamOperatingRegion { /** * The name of the Region you want to add to the IPAM. */ regionName: pulumi.Input; } export interface VpcIpamPoolCidrCidrAuthorizationContext { /** * The plain-text authorization message for the prefix and account. */ message?: pulumi.Input; /** * The signed authorization message for the prefix and account. */ signature?: pulumi.Input; } export interface VpcIpamResourceDiscoveryOperatingRegion { /** * The name of the Region you want to add to the IPAM. */ regionName: pulumi.Input; } export interface VpcPeeringConnectionAccepter { /** * Allow a local VPC to resolve public DNS hostnames to * private IP addresses when queried from instances in the peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface VpcPeeringConnectionAccepterAccepter { /** * Indicates whether a local VPC can resolve public DNS hostnames to * private IP addresses when queried from instances in a peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface VpcPeeringConnectionAccepterRequester { /** * Indicates whether a local VPC can resolve public DNS hostnames to * private IP addresses when queried from instances in a peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface VpcPeeringConnectionRequester { /** * Allow a local VPC to resolve public DNS hostnames to * private IP addresses when queried from instances in the peer VPC. */ allowRemoteVpcDnsResolution?: pulumi.Input; } export interface VpnConnectionRoute { /** * The CIDR block associated with the local subnet of the customer data center. */ destinationCidrBlock?: pulumi.Input; /** * Indicates how the routes were provided. */ source?: pulumi.Input; /** * The current state of the static route. */ state?: pulumi.Input; } export interface VpnConnectionTunnel1LogOptions { /** * Options for sending VPN tunnel logs to CloudWatch. See CloudWatch Log Options below for more details. */ cloudwatchLogOptions?: pulumi.Input; } export interface VpnConnectionTunnel1LogOptionsCloudwatchLogOptions { /** * Enable or disable VPN tunnel logging feature. The default is `false`. */ logEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to. */ logGroupArn?: pulumi.Input; /** * Set log format. Default format is json. Possible values are: `json` and `text`. The default is `json`. */ logOutputFormat?: pulumi.Input; } export interface VpnConnectionTunnel2LogOptions { /** * Options for sending VPN tunnel logs to CloudWatch. See CloudWatch Log Options below for more details. */ cloudwatchLogOptions?: pulumi.Input; } export interface VpnConnectionTunnel2LogOptionsCloudwatchLogOptions { /** * Enable or disable VPN tunnel logging feature. The default is `false`. */ logEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to. */ logGroupArn?: pulumi.Input; /** * Set log format. Default format is json. Possible values are: `json` and `text`. The default is `json`. */ logOutputFormat?: pulumi.Input; } export interface VpnConnectionVgwTelemetry { /** * The number of accepted routes. */ acceptedRouteCount?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate. */ certificateArn?: pulumi.Input; /** * The date and time of the last change in status. */ lastStatusChange?: pulumi.Input; /** * The Internet-routable IP address of the virtual private gateway's outside interface. */ outsideIpAddress?: pulumi.Input; /** * The status of the VPN tunnel. */ status?: pulumi.Input; /** * If an error occurs, a description of the error. */ statusMessage?: pulumi.Input; } } export namespace ec2clientvpn { export interface EndpointAuthenticationOption { /** * The ID of the Active Directory to be used for authentication if type is `directory-service-authentication`. */ activeDirectoryId?: pulumi.Input; /** * The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM). Only necessary when type is set to `certificate-authentication`. */ rootCertificateChainArn?: pulumi.Input; /** * The ARN of the IAM SAML identity provider if type is `federated-authentication`. */ samlProviderArn?: pulumi.Input; /** * The ARN of the IAM SAML identity provider for the self service portal if type is `federated-authentication`. */ selfServiceSamlProviderArn?: pulumi.Input; /** * The type of client authentication to be used. Specify `certificate-authentication` to use certificate-based authentication, `directory-service-authentication` to use Active Directory authentication, or `federated-authentication` to use Federated Authentication via SAML 2.0. */ type: pulumi.Input; } export interface EndpointClientConnectOptions { /** * Indicates whether client connect options are enabled. The default is `false` (not enabled). */ enabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lambda function used for connection authorization. */ lambdaFunctionArn?: pulumi.Input; } export interface EndpointClientLoginBannerOptions { /** * Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters. */ bannerText?: pulumi.Input; /** * Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established. The default is `false` (not enabled). */ enabled?: pulumi.Input; } export interface EndpointConnectionLogOptions { /** * The name of the CloudWatch Logs log group. */ cloudwatchLogGroup?: pulumi.Input; /** * The name of the CloudWatch Logs log stream to which the connection data is published. */ cloudwatchLogStream?: pulumi.Input; /** * Indicates whether connection logging is enabled. */ enabled: pulumi.Input; } export interface GetEndpointFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnEndpoints.html). */ name: string; /** * Set of values that are accepted for the given field. An endpoint will be selected if any one of the given values matches. */ values: string[]; } export interface GetEndpointFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnEndpoints.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. An endpoint will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } } export namespace ec2transitgateway { export interface GetAttachmentFilter { /** * Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetAttachmentFilterArgs { /** * Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetAttachmentsFilter { /** * Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html) */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetAttachmentsFilterArgs { /** * Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html) */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetConnectFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetConnectFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetConnectPeerFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetConnectPeerFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetDirectConnectGatewayAttachmentFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetDirectConnectGatewayAttachmentFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetMulticastDomainFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayMulticastDomains.html). */ name: string; /** * Set of values that are accepted for the given field. A multicast domain will be selected if any one of the given values matches. */ values: string[]; } export interface GetMulticastDomainFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayMulticastDomains.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A multicast domain will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetPeeringAttachmentFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html). */ name: string; /** * Set of values that are accepted for the given field. * An EC2 Transit Gateway Peering Attachment be selected if any one of the given values matches. */ values: string[]; } export interface GetPeeringAttachmentFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * An EC2 Transit Gateway Peering Attachment be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetRouteTableAssociationsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTableAssociations.html). */ name: string; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTableAssociationsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTableAssociations.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetRouteTableFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetRouteTableFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetRouteTablePropagationsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTablePropagations.html). */ name: string; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTablePropagationsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTablePropagations.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetRouteTableRoutesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayRoutes.html). */ name: string; /** * Set of values that are accepted for the given field. */ values: string[]; } export interface GetRouteTableRoutesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayRoutes.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. */ values: pulumi.Input[]>; } export interface GetTransitGatewayFilter { /** * Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html). */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetTransitGatewayFilterArgs { /** * Name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html). */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetVpcAttachmentFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetVpcAttachmentFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetVpcAttachmentsFilter { /** * Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayVpcAttachments.html) */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetVpcAttachmentsFilterArgs { /** * Name of the filter check available value on [official documentation](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayVpcAttachments.html) */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetVpnAttachmentFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetVpnAttachmentFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeTransitGatewayAttachments API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface InstanceConnectEndpointTimeouts { create?: pulumi.Input; delete?: pulumi.Input; } } export namespace ecr { export interface RegistryScanningConfigurationRule { /** * One or more repository filter blocks, containing a `filter` (required string filtering repositories, see pattern regex [here](https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ScanningRepositoryFilter.html)) and a `filterType` (required string, currently only `WILDCARD` is supported). */ repositoryFilters: pulumi.Input[]>; /** * The frequency that scans are performed at for a private registry. Can be `SCAN_ON_PUSH`, `CONTINUOUS_SCAN`, or `MANUAL`. */ scanFrequency: pulumi.Input; } export interface RegistryScanningConfigurationRuleRepositoryFilter { filter: pulumi.Input; filterType: pulumi.Input; } export interface ReplicationConfigurationReplicationConfiguration { /** * The replication rules for a replication configuration. A maximum of 10 are allowed per `replicationConfiguration`. See Rule */ rules: pulumi.Input[]>; } export interface ReplicationConfigurationReplicationConfigurationRule { /** * the details of a replication destination. A maximum of 25 are allowed per `rule`. See Destination. */ destinations: pulumi.Input[]>; /** * filters for a replication rule. See Repository Filter. */ repositoryFilters?: pulumi.Input[]>; } export interface ReplicationConfigurationReplicationConfigurationRuleDestination { /** * A Region to replicate to. */ region: pulumi.Input; /** * The account ID of the destination registry to replicate to. */ registryId: pulumi.Input; } export interface ReplicationConfigurationReplicationConfigurationRuleRepositoryFilter { /** * The repository filter details. */ filter: pulumi.Input; /** * The repository filter type. The only supported value is `PREFIX_MATCH`, which is a repository name prefix specified with the filter parameter. */ filterType: pulumi.Input; } export interface RepositoryEncryptionConfiguration { /** * The encryption type to use for the repository. Valid values are `AES256` or `KMS`. Defaults to `AES256`. */ encryptionType?: pulumi.Input; /** * The ARN of the KMS key to use when `encryptionType` is `KMS`. If not specified, uses the default AWS managed key for ECR. */ kmsKey?: pulumi.Input; } export interface RepositoryImageScanningConfiguration { /** * Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false). */ scanOnPush: pulumi.Input; } } export namespace ecrpublic { export interface RepositoryCatalogData { /** * A detailed description of the contents of the repository. It is publicly visible in the Amazon ECR Public Gallery. The text must be in markdown format. */ aboutText?: pulumi.Input; /** * The system architecture that the images in the repository are compatible with. On the Amazon ECR Public Gallery, the following supported architectures will appear as badges on the repository and are used as search filters: `ARM`, `ARM 64`, `x86`, `x86-64` */ architectures?: pulumi.Input[]>; /** * A short description of the contents of the repository. This text appears in both the image details and also when searching for repositories on the Amazon ECR Public Gallery. */ description?: pulumi.Input; /** * The base64-encoded repository logo payload. (Only visible for verified accounts) Note that drift detection is disabled for this attribute. */ logoImageBlob?: pulumi.Input; /** * The operating systems that the images in the repository are compatible with. On the Amazon ECR Public Gallery, the following supported operating systems will appear as badges on the repository and are used as search filters: `Linux`, `Windows` */ operatingSystems?: pulumi.Input[]>; /** * Detailed information on how to use the contents of the repository. It is publicly visible in the Amazon ECR Public Gallery. The usage text provides context, support information, and additional usage details for users of the repository. The text must be in markdown format. */ usageText?: pulumi.Input; } } export namespace ecs { export interface CapacityProviderAutoScalingGroupProvider { /** * ARN of the associated auto scaling group. */ autoScalingGroupArn: pulumi.Input; /** * Configuration block defining the parameters of the auto scaling. Detailed below. */ managedScaling?: pulumi.Input; /** * Enables or disables container-aware termination of instances in the auto scaling group when scale-in happens. Valid values are `ENABLED` and `DISABLED`. */ managedTerminationProtection?: pulumi.Input; } export interface CapacityProviderAutoScalingGroupProviderManagedScaling { /** * Period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of 300 seconds is used. */ instanceWarmupPeriod?: pulumi.Input; /** * Maximum step adjustment size. A number between 1 and 10,000. */ maximumScalingStepSize?: pulumi.Input; /** * Minimum step adjustment size. A number between 1 and 10,000. */ minimumScalingStepSize?: pulumi.Input; /** * Whether auto scaling is managed by ECS. Valid values are `ENABLED` and `DISABLED`. */ status?: pulumi.Input; /** * Target utilization for the capacity provider. A number between 1 and 100. */ targetCapacity?: pulumi.Input; } export interface ClusterCapacityProvidersDefaultCapacityProviderStrategy { /** * The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`. */ base?: pulumi.Input; /** * Name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The relative percentage of the total number of launched tasks that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` count of tasks has been satisfied. Defaults to `0`. */ weight?: pulumi.Input; } export interface ClusterConfiguration { /** * The details of the execute command configuration. Detailed below. */ executeCommandConfiguration?: pulumi.Input; } export interface ClusterConfigurationExecuteCommandConfiguration { /** * The AWS Key Management Service key ID to encrypt the data between the local client and the container. */ kmsKeyId?: pulumi.Input; /** * The log configuration for the results of the execute command actions Required when `logging` is `OVERRIDE`. Detailed below. */ logConfiguration?: pulumi.Input; /** * The log setting to use for redirecting logs for your execute command results. Valid values are `NONE`, `DEFAULT`, and `OVERRIDE`. */ logging?: pulumi.Input; } export interface ClusterConfigurationExecuteCommandConfigurationLogConfiguration { /** * Whether or not to enable encryption on the CloudWatch logs. If not specified, encryption will be disabled. */ cloudWatchEncryptionEnabled?: pulumi.Input; /** * The name of the CloudWatch log group to send logs to. */ cloudWatchLogGroupName?: pulumi.Input; /** * Whether or not to enable encryption on the logs sent to S3. If not specified, encryption will be disabled. */ s3BucketEncryptionEnabled?: pulumi.Input; /** * The name of the S3 bucket to send logs to. */ s3BucketName?: pulumi.Input; /** * An optional folder in the S3 bucket to place logs in. */ s3KeyPrefix?: pulumi.Input; } export interface ClusterServiceConnectDefaults { /** * The ARN of the `aws.servicediscovery.HttpNamespace` that's used when you create a service and don't specify a Service Connect configuration. */ namespace: pulumi.Input; } export interface ClusterSetting { /** * Name of the setting to manage. Valid values: `containerInsights`. */ name: pulumi.Input; /** * The value to assign to the setting. Valid values are `enabled` and `disabled`. */ value: pulumi.Input; } export interface GetTaskExecutionCapacityProviderStrategy { /** * The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`. */ base?: number; /** * Name of the capacity provider. */ capacityProvider: string; /** * The relative percentage of the total number of launched tasks that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` count of tasks has been satisfied. Defaults to `0`. */ weight?: number; } export interface GetTaskExecutionCapacityProviderStrategyArgs { /** * The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`. */ base?: pulumi.Input; /** * Name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The relative percentage of the total number of launched tasks that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` count of tasks has been satisfied. Defaults to `0`. */ weight?: pulumi.Input; } export interface GetTaskExecutionNetworkConfiguration { /** * Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`. * * For more information, see the [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) documentation. */ assignPublicIp?: boolean; /** * Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: string[]; /** * Subnets associated with the task or service. */ subnets: string[]; } export interface GetTaskExecutionNetworkConfigurationArgs { /** * Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`. * * For more information, see the [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) documentation. */ assignPublicIp?: pulumi.Input; /** * Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * Subnets associated with the task or service. */ subnets: pulumi.Input[]>; } export interface GetTaskExecutionOverrides { /** * One or more container overrides that are sent to a task. See below. */ containerOverrides?: inputs.ecs.GetTaskExecutionOverridesContainerOverride[]; /** * The CPU override for the task. */ cpu?: string; /** * Amazon Resource Name (ARN) of the task execution role override for the task. */ executionRoleArn?: string; /** * Elastic Inference accelerator override for the task. See below. */ inferenceAcceleratorOverrides?: inputs.ecs.GetTaskExecutionOverridesInferenceAcceleratorOverride[]; /** * The memory override for the task. */ memory?: string; /** * Amazon Resource Name (ARN) of the role that containers in this task can assume. */ taskRoleArn?: string; } export interface GetTaskExecutionOverridesArgs { /** * One or more container overrides that are sent to a task. See below. */ containerOverrides?: pulumi.Input[]>; /** * The CPU override for the task. */ cpu?: pulumi.Input; /** * Amazon Resource Name (ARN) of the task execution role override for the task. */ executionRoleArn?: pulumi.Input; /** * Elastic Inference accelerator override for the task. See below. */ inferenceAcceleratorOverrides?: pulumi.Input[]>; /** * The memory override for the task. */ memory?: pulumi.Input; /** * Amazon Resource Name (ARN) of the role that containers in this task can assume. */ taskRoleArn?: pulumi.Input; } export interface GetTaskExecutionOverridesContainerOverride { /** * The command to send to the container that overrides the default command from the Docker image or the task definition. */ commands?: string[]; /** * The number of cpu units reserved for the container, instead of the default value from the task definition. */ cpu?: number; /** * The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. See below. */ environments?: inputs.ecs.GetTaskExecutionOverridesContainerOverrideEnvironment[]; /** * The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. */ memory?: number; /** * The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. */ memoryReservation?: number; /** * The name of the container that receives the override. This parameter is required if any override is specified. */ name: string; /** * The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. See below. */ resourceRequirements?: inputs.ecs.GetTaskExecutionOverridesContainerOverrideResourceRequirement[]; } export interface GetTaskExecutionOverridesContainerOverrideArgs { /** * The command to send to the container that overrides the default command from the Docker image or the task definition. */ commands?: pulumi.Input[]>; /** * The number of cpu units reserved for the container, instead of the default value from the task definition. */ cpu?: pulumi.Input; /** * The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. See below. */ environments?: pulumi.Input[]>; /** * The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. */ memory?: pulumi.Input; /** * The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. */ memoryReservation?: pulumi.Input; /** * The name of the container that receives the override. This parameter is required if any override is specified. */ name: pulumi.Input; /** * The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. See below. */ resourceRequirements?: pulumi.Input[]>; } export interface GetTaskExecutionOverridesContainerOverrideEnvironment { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ key: string; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value: string; } export interface GetTaskExecutionOverridesContainerOverrideEnvironmentArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ key: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value: pulumi.Input; } export interface GetTaskExecutionOverridesContainerOverrideResourceRequirement { /** * The type of resource to assign to a container. Valid values are `GPU` or `InferenceAccelerator`. */ type: string; /** * The value for the specified resource type. If the `GPU` type is used, the value is the number of physical GPUs the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. If the `InferenceAccelerator` type is used, the value matches the `deviceName` for an InferenceAccelerator specified in a task definition. */ value: string; } export interface GetTaskExecutionOverridesContainerOverrideResourceRequirementArgs { /** * The type of resource to assign to a container. Valid values are `GPU` or `InferenceAccelerator`. */ type: pulumi.Input; /** * The value for the specified resource type. If the `GPU` type is used, the value is the number of physical GPUs the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. If the `InferenceAccelerator` type is used, the value matches the `deviceName` for an InferenceAccelerator specified in a task definition. */ value: pulumi.Input; } export interface GetTaskExecutionOverridesInferenceAcceleratorOverride { /** * The Elastic Inference accelerator device name to override for the task. This parameter must match a deviceName specified in the task definition. */ deviceName?: string; /** * The Elastic Inference accelerator type to use. */ deviceType?: string; } export interface GetTaskExecutionOverridesInferenceAcceleratorOverrideArgs { /** * The Elastic Inference accelerator device name to override for the task. This parameter must match a deviceName specified in the task definition. */ deviceName?: pulumi.Input; /** * The Elastic Inference accelerator type to use. */ deviceType?: pulumi.Input; } export interface GetTaskExecutionPlacementConstraint { /** * A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance`. */ expression?: string; /** * The type of constraint. Valid values are `distinctInstance` or `memberOf`. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates. */ type: string; } export interface GetTaskExecutionPlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance`. */ expression?: pulumi.Input; /** * The type of constraint. Valid values are `distinctInstance` or `memberOf`. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates. */ type: pulumi.Input; } export interface GetTaskExecutionPlacementStrategy { /** * The field to apply the placement strategy against. */ field?: string; /** * The type of placement strategy. Valid values are `random`, `spread`, and `binpack`. * * For more information, see the [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html) documentation. */ type: string; } export interface GetTaskExecutionPlacementStrategyArgs { /** * The field to apply the placement strategy against. */ field?: pulumi.Input; /** * The type of placement strategy. Valid values are `random`, `spread`, and `binpack`. * * For more information, see the [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html) documentation. */ type: pulumi.Input; } export interface ServiceAlarms { /** * One or more CloudWatch alarm names. */ alarmNames: pulumi.Input[]>; /** * Determines whether to use the CloudWatch alarm option in the service deployment process. */ enable: pulumi.Input; /** * Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. */ rollback: pulumi.Input; } export interface ServiceCapacityProviderStrategy { /** * Number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. */ base?: pulumi.Input; /** * Short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * Relative percentage of the total number of launched tasks that should use the specified capacity provider. */ weight?: pulumi.Input; } export interface ServiceDeploymentCircuitBreaker { /** * Whether to enable the deployment circuit breaker logic for the service. */ enable: pulumi.Input; /** * Whether to enable Amazon ECS to roll back the service if a service deployment fails. If rollback is enabled, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. */ rollback: pulumi.Input; } export interface ServiceDeploymentController { /** * Type of deployment controller. Valid values: `CODE_DEPLOY`, `ECS`, `EXTERNAL`. Default: `ECS`. */ type?: pulumi.Input; } export interface ServiceLoadBalancer { /** * Name of the container to associate with the load balancer (as it appears in a container definition). */ containerName: pulumi.Input; /** * Port on the container to associate with the load balancer. * * > **Version note:** Multiple `loadBalancer` configuration block support was added in version 2.22.0 of the provider. This allows configuration of [ECS service support for multiple target groups](https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-ecs-services-now-support-multiple-load-balancer-target-groups/). */ containerPort: pulumi.Input; /** * Name of the ELB (Classic) to associate with the service. */ elbName?: pulumi.Input; /** * ARN of the Load Balancer target group to associate with the service. */ targetGroupArn?: pulumi.Input; } export interface ServiceNetworkConfiguration { /** * Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Default `false`. * * For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) */ assignPublicIp?: pulumi.Input; /** * Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * Subnets associated with the task or service. */ subnets: pulumi.Input[]>; } export interface ServiceOrderedPlacementStrategy { /** * For the `spread` placement strategy, valid values are `instanceId` (or `host`, * which has the same effect), or any platform or custom attribute that is applied to a container instance. * For the `binpack` type, valid values are `memory` and `cpu`. For the `random` type, this attribute is not * needed. For more information, see [Placement Strategy](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementStrategy.html). * * > **Note:** for `spread`, `host` and `instanceId` will be normalized, by AWS, to be `instanceId`. This means the statefile will show `instanceId` but your config will differ if you use `host`. */ field?: pulumi.Input; /** * Type of placement strategy. Must be one of: `binpack`, `random`, or `spread` */ type: pulumi.Input; } export interface ServicePlacementConstraint { /** * Cluster Query Language expression to apply to the constraint. Does not need to be specified for the `distinctInstance` type. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html). */ expression?: pulumi.Input; /** * Type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`. */ type: pulumi.Input; } export interface ServiceServiceConnectConfiguration { /** * Specifies whether to use Service Connect with this service. */ enabled: pulumi.Input; /** * The log configuration for the container. See below. */ logConfiguration?: pulumi.Input; /** * The namespace name or ARN of the `aws.servicediscovery.HttpNamespace` for use with Service Connect. */ namespace?: pulumi.Input; /** * The list of Service Connect service objects. See below. */ services?: pulumi.Input[]>; } export interface ServiceServiceConnectConfigurationLogConfiguration { /** * The log driver to use for the container. */ logDriver: pulumi.Input; /** * The configuration options to send to the log driver. */ options?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The secrets to pass to the log configuration. See below. */ secretOptions?: pulumi.Input[]>; } export interface ServiceServiceConnectConfigurationLogConfigurationSecretOption { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store. */ valueFrom: pulumi.Input; } export interface ServiceServiceConnectConfigurationService { /** * The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1. See below. */ clientAlias?: pulumi.Input[]>; /** * The name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. */ discoveryName?: pulumi.Input; /** * The port number for the Service Connect proxy to listen on. */ ingressPortOverride?: pulumi.Input; /** * The name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service. */ portName: pulumi.Input; } export interface ServiceServiceConnectConfigurationServiceClientAlias { /** * The name that you use in the applications of client tasks to connect to this service. */ dnsName?: pulumi.Input; /** * The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace. */ port: pulumi.Input; } export interface ServiceServiceRegistries { /** * Container name value, already specified in the task definition, to be used for your service discovery service. */ containerName?: pulumi.Input; /** * Port value, already specified in the task definition, to be used for your service discovery service. */ containerPort?: pulumi.Input; /** * Port value used if your Service Discovery service specified an SRV record. */ port?: pulumi.Input; /** * ARN of the Service Registry. The currently supported service registry is Amazon Route 53 Auto Naming Service(`aws.servicediscovery.Service`). For more information, see [Service](https://docs.aws.amazon.com/Route53/latest/APIReference/API_autonaming_Service.html) */ registryArn: pulumi.Input; } export interface TaskDefinitionEphemeralStorage { /** * The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB. */ sizeInGib: pulumi.Input; } export interface TaskDefinitionInferenceAccelerator { /** * Elastic Inference accelerator device name. The deviceName must also be referenced in a container definition as a ResourceRequirement. */ deviceName: pulumi.Input; /** * Elastic Inference accelerator type to use. */ deviceType: pulumi.Input; } export interface TaskDefinitionPlacementConstraint { /** * Cluster Query Language expression to apply to the constraint. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html). */ expression?: pulumi.Input; /** * Type of constraint. Use `memberOf` to restrict selection to a group of valid candidates. Note that `distinctInstance` is not supported in task definitions. */ type: pulumi.Input; } export interface TaskDefinitionProxyConfiguration { /** * Name of the container that will serve as the App Mesh proxy. */ containerName: pulumi.Input; /** * Set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified a key-value mapping. */ properties?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Proxy type. The default value is `APPMESH`. The only supported value is `APPMESH`. */ type?: pulumi.Input; } export interface TaskDefinitionRuntimePlatform { /** * Must be set to either `X86_64` or `ARM64`; see [cpu architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) */ cpuArchitecture?: pulumi.Input; /** * If the `requiresCompatibilities` is `FARGATE` this field is required; must be set to a valid option from the [operating system family in the runtime platform](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) setting */ operatingSystemFamily?: pulumi.Input; } export interface TaskDefinitionVolume { /** * Configuration block to configure a docker volume. Detailed below. */ dockerVolumeConfiguration?: pulumi.Input; /** * Configuration block for an EFS volume. Detailed below. */ efsVolumeConfiguration?: pulumi.Input; /** * Configuration block for an FSX Windows File Server volume. Detailed below. */ fsxWindowsFileServerVolumeConfiguration?: pulumi.Input; /** * Path on the host container instance that is presented to the container. If not set, ECS will create a nonpersistent data volume that starts empty and is deleted after the task has finished. */ hostPath?: pulumi.Input; /** * Name of the volume. This name is referenced in the `sourceVolume` * parameter of container definition in the `mountPoints` section. */ name: pulumi.Input; } export interface TaskDefinitionVolumeDockerVolumeConfiguration { /** * If this value is `true`, the Docker volume is created if it does not already exist. *Note*: This field is only used if the scope is `shared`. */ autoprovision?: pulumi.Input; /** * Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. */ driver?: pulumi.Input; /** * Map of Docker driver specific options. */ driverOpts?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Map of custom metadata to add to your Docker volume. */ labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Scope for the Docker volume, which determines its lifecycle, either `task` or `shared`. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops. */ scope?: pulumi.Input; } export interface TaskDefinitionVolumeEfsVolumeConfiguration { /** * Configuration block for authorization for the Amazon EFS file system. Detailed below. */ authorizationConfig?: pulumi.Input; /** * ID of the EFS File System. */ fileSystemId: pulumi.Input; /** * Directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter. This argument is ignored when using `authorizationConfig`. */ rootDirectory?: pulumi.Input; /** * Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used. */ transitEncryption?: pulumi.Input; /** * Port to use for transit encryption. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. */ transitEncryptionPort?: pulumi.Input; } export interface TaskDefinitionVolumeEfsVolumeConfigurationAuthorizationConfig { /** * Access point ID to use. If an access point is specified, the root directory value will be relative to the directory set for the access point. If specified, transit encryption must be enabled in the EFSVolumeConfiguration. */ accessPointId?: pulumi.Input; /** * Whether or not to use the Amazon ECS task IAM role defined in a task definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. Valid values: `ENABLED`, `DISABLED`. If this parameter is omitted, the default value of `DISABLED` is used. */ iam?: pulumi.Input; } export interface TaskDefinitionVolumeFsxWindowsFileServerVolumeConfiguration { /** * Configuration block for authorization for the Amazon FSx for Windows File Server file system detailed below. */ authorizationConfig: pulumi.Input; /** * The Amazon FSx for Windows File Server file system ID to use. */ fileSystemId: pulumi.Input; /** * The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host. */ rootDirectory: pulumi.Input; } export interface TaskDefinitionVolumeFsxWindowsFileServerVolumeConfigurationAuthorizationConfig { /** * The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or AWS Systems Manager Parameter Store parameter. The ARNs refer to the stored credentials. */ credentialsParameter: pulumi.Input; /** * A fully qualified domain name hosted by an AWS Directory Service Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2. */ domain: pulumi.Input; } export interface TaskSetCapacityProviderStrategy { /** * The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. */ base?: pulumi.Input; /** * The short name or full Amazon Resource Name (ARN) of the capacity provider. */ capacityProvider: pulumi.Input; /** * The relative percentage of the total number of launched tasks that should use the specified capacity provider. */ weight: pulumi.Input; } export interface TaskSetLoadBalancer { /** * The name of the container to associate with the load balancer (as it appears in a container definition). */ containerName: pulumi.Input; /** * The port on the container to associate with the load balancer. Defaults to `0` if not specified. * * > **Note:** Specifying multiple `loadBalancer` configurations is still not supported by AWS for ECS task set. */ containerPort?: pulumi.Input; /** * The name of the ELB (Classic) to associate with the service. */ loadBalancerName?: pulumi.Input; /** * The ARN of the Load Balancer target group to associate with the service. */ targetGroupArn?: pulumi.Input; } export interface TaskSetNetworkConfiguration { /** * Whether to assign a public IP address to the ENI (`FARGATE` launch type only). Valid values are `true` or `false`. Default `false`. * * For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html). */ assignPublicIp?: pulumi.Input; /** * The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. Maximum of 5. */ securityGroups?: pulumi.Input[]>; /** * The subnets associated with the task or service. Maximum of 16. */ subnets: pulumi.Input[]>; } export interface TaskSetScale { /** * The unit of measure for the scale value. Default: `PERCENT`. */ unit?: pulumi.Input; /** * The value, specified as a percent total of a service's `desiredCount`, to scale the task set. Defaults to `0` if not specified. Accepted values are numbers between 0.0 and 100.0. */ value?: pulumi.Input; } export interface TaskSetServiceRegistries { /** * The container name value, already specified in the task definition, to be used for your service discovery service. */ containerName?: pulumi.Input; /** * The port value, already specified in the task definition, to be used for your service discovery service. */ containerPort?: pulumi.Input; /** * The port value used if your Service Discovery service specified an SRV record. */ port?: pulumi.Input; /** * The ARN of the Service Registry. The currently supported service registry is Amazon Route 53 Auto Naming Service(`aws.servicediscovery.Service` resource). For more information, see [Service](https://docs.aws.amazon.com/Route53/latest/APIReference/API_autonaming_Service.html). */ registryArn: pulumi.Input; } } export namespace efs { export interface AccessPointPosixUser { /** * POSIX group ID used for all file system operations using this access point. */ gid: pulumi.Input; /** * Secondary POSIX group IDs used for all file system operations using this access point. */ secondaryGids?: pulumi.Input[]>; /** * POSIX user ID used for all file system operations using this access point. */ uid: pulumi.Input; } export interface AccessPointRootDirectory { /** * POSIX IDs and permissions to apply to the access point's Root Directory. See Creation Info below. */ creationInfo?: pulumi.Input; /** * Path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide `creationInfo`. */ path?: pulumi.Input; } export interface AccessPointRootDirectoryCreationInfo { /** * POSIX group ID to apply to the `rootDirectory`. */ ownerGid: pulumi.Input; /** * POSIX user ID to apply to the `rootDirectory`. */ ownerUid: pulumi.Input; /** * POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits. */ permissions: pulumi.Input; } export interface BackupPolicyBackupPolicy { /** * A status of the backup policy. Valid values: `ENABLED`, `DISABLED`. */ status: pulumi.Input; } export interface FileSystemLifecyclePolicy { /** * Indicates how long it takes to transition files to the IA storage class. Valid values: `AFTER_1_DAY`, `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, or `AFTER_90_DAYS`. */ transitionToIa?: pulumi.Input; /** * Describes the policy used to transition a file from infequent access storage to primary storage. Valid values: `AFTER_1_ACCESS`. */ transitionToPrimaryStorageClass?: pulumi.Input; } export interface FileSystemSizeInByte { /** * The latest known metered size (in bytes) of data stored in the file system. */ value?: pulumi.Input; /** * The latest known metered size (in bytes) of data stored in the Infrequent Access storage class. */ valueInIa?: pulumi.Input; /** * The latest known metered size (in bytes) of data stored in the Standard storage class. */ valueInStandard?: pulumi.Input; } export interface ReplicationConfigurationDestination { /** * The availability zone in which the replica should be created. If specified, the replica will be created with One Zone storage. If omitted, regional storage will be used. */ availabilityZoneName?: pulumi.Input; fileSystemId?: pulumi.Input; /** * The Key ID, ARN, alias, or alias ARN of the KMS key that should be used to encrypt the replica file system. If omitted, the default KMS key for EFS `/aws/elasticfilesystem` will be used. */ kmsKeyId?: pulumi.Input; /** * The region in which the replica should be created. */ region?: pulumi.Input; status?: pulumi.Input; } } export namespace eks { export interface ClusterCertificateAuthority { /** * Base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster. */ data?: pulumi.Input; } export interface ClusterEncryptionConfig { /** * Configuration block with provider for encryption. Detailed below. */ provider: pulumi.Input; /** * List of strings with resources to be encrypted. Valid values: `secrets`. */ resources: pulumi.Input[]>; } export interface ClusterEncryptionConfigProvider { /** * ARN of the Key Management Service (KMS) customer master key (CMK). The CMK must be symmetric, created in the same region as the cluster, and if the CMK was created in a different account, the user must have access to the CMK. For more information, see [Allowing Users in Other Accounts to Use a CMK in the AWS Key Management Service Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html). */ keyArn: pulumi.Input; } export interface ClusterIdentity { /** * Nested block containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. Detailed below. */ oidcs?: pulumi.Input[]>; } export interface ClusterIdentityOidc { /** * Issuer URL for the OpenID Connect identity provider. */ issuer?: pulumi.Input; } export interface ClusterKubernetesNetworkConfig { /** * The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. */ ipFamily?: pulumi.Input; /** * The CIDR block to assign Kubernetes pod and service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: * * * Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16. * * * Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC. * * * Between /24 and /12. */ serviceIpv4Cidr?: pulumi.Input; serviceIpv6Cidr?: pulumi.Input; } export interface ClusterOutpostConfig { /** * The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. The instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. Choose an instance type based on the number of nodes that your cluster will have. If your cluster will have: * * * 1–20 nodes, then we recommend specifying a large instance type. * * * 21–100 nodes, then we recommend specifying an xlarge instance type. * * * 101–250 nodes, then we recommend specifying a 2xlarge instance type. * * For a list of the available Amazon EC2 instance types, see Compute and storage in AWS Outposts rack features The control plane is not automatically scaled by Amazon EKS. */ controlPlaneInstanceType: pulumi.Input; /** * An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on AWS Outpost. * The `controlPlanePlacement` configuration block supports the following arguments: */ controlPlanePlacement?: pulumi.Input; /** * The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. This argument is a list of arns, but only a single Outpost ARN is supported currently. */ outpostArns: pulumi.Input[]>; } export interface ClusterOutpostConfigControlPlanePlacement { /** * The name of the placement group for the Kubernetes control plane instances. This setting can't be changed after cluster creation. */ groupName: pulumi.Input; } export interface ClusterVpcConfig { /** * Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. */ clusterSecurityGroupId?: pulumi.Input; /** * Whether the Amazon EKS private API server endpoint is enabled. Default is `false`. */ endpointPrivateAccess?: pulumi.Input; /** * Whether the Amazon EKS public API server endpoint is enabled. Default is `true`. */ endpointPublicAccess?: pulumi.Input; /** * List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint when enabled. EKS defaults this to a list with `0.0.0.0/0`. The provider will only perform drift detection of its value when present in a configuration. */ publicAccessCidrs?: pulumi.Input[]>; /** * List of security group IDs for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. */ securityGroupIds?: pulumi.Input[]>; /** * List of subnet IDs. Must be in at least two different availability zones. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane. */ subnetIds: pulumi.Input[]>; /** * ID of the VPC associated with your cluster. */ vpcId?: pulumi.Input; } export interface FargateProfileSelector { /** * Key-value map of Kubernetes labels for selection. */ labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Kubernetes namespace for selection. * * The following arguments are optional: */ namespace: pulumi.Input; } export interface IdentityProviderConfigOidc { /** * Client ID for the OpenID Connect identity provider. */ clientId: pulumi.Input; /** * The JWT claim that the provider will use to return groups. */ groupsClaim?: pulumi.Input; /** * A prefix that is prepended to group claims e.g., `oidc:`. */ groupsPrefix?: pulumi.Input; /** * The name of the identity provider config. */ identityProviderConfigName: pulumi.Input; /** * Issuer URL for the OpenID Connect identity provider. */ issuerUrl: pulumi.Input; /** * The key value pairs that describe required claims in the identity token. */ requiredClaims?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The JWT claim that the provider will use as the username. */ usernameClaim?: pulumi.Input; /** * A prefix that is prepended to username claims. */ usernamePrefix?: pulumi.Input; } export interface NodeGroupLaunchTemplate { /** * Identifier of the EC2 Launch Template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the EC2 Launch Template. Conflicts with `id`. */ name?: pulumi.Input; /** * EC2 Launch Template version number. While the API accepts values like `$Default` and `$Latest`, the API will convert the value to the associated version number (e.g., `1`) on read and the provider will show a difference on next plan. Using the `defaultVersion` or `latestVersion` attribute of the `aws.ec2.LaunchTemplate` resource or data source is recommended for this argument. */ version: pulumi.Input; } export interface NodeGroupRemoteAccess { /** * EC2 Key Pair name that provides access for remote communication with the worker nodes in the EKS Node Group. If you specify this configuration, but do not specify `sourceSecurityGroupIds` when you create an EKS Node Group, either port 3389 for Windows, or port 22 for all other operating systems is opened on the worker nodes to the Internet (0.0.0.0/0). For Windows nodes, this will allow you to use RDP, for all others this allows you to SSH into the worker nodes. */ ec2SshKey?: pulumi.Input; /** * Set of EC2 Security Group IDs to allow SSH access (port 22) from on the worker nodes. If you specify `ec2SshKey`, but do not specify this configuration when you create an EKS Node Group, port 22 on the worker nodes is opened to the Internet (0.0.0.0/0). */ sourceSecurityGroupIds?: pulumi.Input[]>; } export interface NodeGroupResource { /** * List of objects containing information about AutoScaling Groups. */ autoscalingGroups?: pulumi.Input[]>; /** * Identifier of the remote access EC2 Security Group. */ remoteAccessSecurityGroupId?: pulumi.Input; } export interface NodeGroupResourceAutoscalingGroup { /** * Name of the EC2 Launch Template. Conflicts with `id`. */ name?: pulumi.Input; } export interface NodeGroupScalingConfig { /** * Desired number of worker nodes. */ desiredSize: pulumi.Input; /** * Maximum number of worker nodes. */ maxSize: pulumi.Input; /** * Minimum number of worker nodes. */ minSize: pulumi.Input; } export interface NodeGroupTaint { /** * The effect of the taint. Valid values: `NO_SCHEDULE`, `NO_EXECUTE`, `PREFER_NO_SCHEDULE`. */ effect: pulumi.Input; /** * The key of the taint. Maximum length of 63. */ key: pulumi.Input; /** * The value of the taint. Maximum length of 63. */ value?: pulumi.Input; } export interface NodeGroupUpdateConfig { /** * Desired max number of unavailable worker nodes during node group update. */ maxUnavailable?: pulumi.Input; /** * Desired max percentage of unavailable worker nodes during node group update. */ maxUnavailablePercentage?: pulumi.Input; } } export namespace elasticache { export interface ClusterCacheNode { address?: pulumi.Input; /** * Availability Zone for the cache cluster. If you want to create cache nodes in multi-az, use `preferredAvailabilityZones` instead. Default: System chosen Availability Zone. Changing this value will re-create the resource. */ availabilityZone?: pulumi.Input; id?: pulumi.Input; outpostArn?: pulumi.Input; /** * The port number on which each of the cache nodes will accept connections. For Memcached the default is 11211, and for Redis the default port is 6379. Cannot be provided with `replicationGroupId`. Changing this value will re-create the resource. */ port?: pulumi.Input; } export interface ClusterLogDeliveryConfiguration { /** * Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource. */ destination: pulumi.Input; /** * For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`. */ destinationType: pulumi.Input; /** * Valid values are `json` or `text` */ logFormat: pulumi.Input; /** * Valid values are `slow-log` or `engine-log`. Max 1 of each. */ logType: pulumi.Input; } export interface GetUserAuthenticationMode { passwordCount?: number; type?: string; } export interface GetUserAuthenticationModeArgs { passwordCount?: pulumi.Input; type?: pulumi.Input; } export interface GlobalReplicationGroupGlobalNodeGroup { /** * The ID of the global node group. */ globalNodeGroupId?: pulumi.Input; /** * The keyspace for this node group. */ slots?: pulumi.Input; } export interface ParameterGroupParameter { /** * The name of the ElastiCache parameter. */ name: pulumi.Input; /** * The value of the ElastiCache parameter. */ value: pulumi.Input; } export interface ReplicationGroupLogDeliveryConfiguration { /** * Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource. */ destination: pulumi.Input; /** * For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`. */ destinationType: pulumi.Input; /** * Valid values are `json` or `text` */ logFormat: pulumi.Input; /** * Valid values are `slow-log` or `engine-log`. Max 1 of each. */ logType: pulumi.Input; } export interface UserAuthenticationMode { passwordCount?: pulumi.Input; /** * Specifies the passwords to use for authentication if `type` is set to `password`. */ passwords?: pulumi.Input[]>; /** * Specifies the authentication type. Possible options are: `password`, `no-password-required` or `iam`. */ type: pulumi.Input; } } export namespace elasticbeanstalk { export interface ApplicationAppversionLifecycle { /** * Set to `true` to delete a version's source bundle from S3 when the application version is deleted. */ deleteSourceFromS3?: pulumi.Input; /** * The number of days to retain an application version ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.). */ maxAgeInDays?: pulumi.Input; /** * The maximum number of application versions to retain ('max_age_in_days' and 'max_count' cannot be enabled simultaneously.). */ maxCount?: pulumi.Input; /** * The ARN of an IAM service role under which the application version is deleted. Elastic Beanstalk must have permission to assume this role. */ serviceRole: pulumi.Input; } export interface ConfigurationTemplateSetting { /** * A unique name for this Template. */ name: pulumi.Input; namespace: pulumi.Input; resource?: pulumi.Input; value: pulumi.Input; } export interface EnvironmentAllSetting { /** * A unique name for this Environment. This name is used * in the application URL */ name: pulumi.Input; namespace: pulumi.Input; resource?: pulumi.Input; value: pulumi.Input; } export interface EnvironmentSetting { /** * A unique name for this Environment. This name is used * in the application URL */ name: pulumi.Input; namespace: pulumi.Input; resource?: pulumi.Input; value: pulumi.Input; } } export namespace elasticsearch { export interface DomainAdvancedSecurityOptions { /** * Whether advanced security is enabled. */ enabled: pulumi.Input; /** * Whether the internal user database is enabled. If not set, defaults to `false` by the AWS API. */ internalUserDatabaseEnabled?: pulumi.Input; /** * Configuration block for the main user. Detailed below. */ masterUserOptions?: pulumi.Input; } export interface DomainAdvancedSecurityOptionsMasterUserOptions { /** * ARN for the main user. Only specify if `internalUserDatabaseEnabled` is not set or set to `false`. */ masterUserArn?: pulumi.Input; /** * Main user's username, which is stored in the Amazon Elasticsearch Service domain's internal database. Only specify if `internalUserDatabaseEnabled` is set to `true`. */ masterUserName?: pulumi.Input; /** * Main user's password, which is stored in the Amazon Elasticsearch Service domain's internal database. Only specify if `internalUserDatabaseEnabled` is set to `true`. */ masterUserPassword?: pulumi.Input; } export interface DomainAutoTuneOptions { /** * The Auto-Tune desired state for the domain. Valid values: `ENABLED` or `DISABLED`. */ desiredState: pulumi.Input; /** * Configuration block for Auto-Tune maintenance windows. Can be specified multiple times for each maintenance window. Detailed below. */ maintenanceSchedules?: pulumi.Input[]>; /** * Whether to roll back to default Auto-Tune settings when disabling Auto-Tune. Valid values: `DEFAULT_ROLLBACK` or `NO_ROLLBACK`. */ rollbackOnDisable?: pulumi.Input; } export interface DomainAutoTuneOptionsMaintenanceSchedule { /** * A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule. */ cronExpressionForRecurrence: pulumi.Input; /** * Configuration block for the duration of the Auto-Tune maintenance window. Detailed below. */ duration: pulumi.Input; /** * Date and time at which to start the Auto-Tune maintenance schedule in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8). */ startAt: pulumi.Input; } export interface DomainAutoTuneOptionsMaintenanceScheduleDuration { /** * The unit of time specifying the duration of an Auto-Tune maintenance window. Valid values: `HOURS`. */ unit: pulumi.Input; /** * An integer specifying the value of the duration of an Auto-Tune maintenance window. */ value: pulumi.Input; } export interface DomainClusterConfig { /** * Configuration block containing cold storage configuration. Detailed below. */ coldStorageOptions?: pulumi.Input; /** * Number of dedicated main nodes in the cluster. */ dedicatedMasterCount?: pulumi.Input; /** * Whether dedicated main nodes are enabled for the cluster. */ dedicatedMasterEnabled?: pulumi.Input; /** * Instance type of the dedicated main nodes in the cluster. */ dedicatedMasterType?: pulumi.Input; /** * Number of instances in the cluster. */ instanceCount?: pulumi.Input; /** * Instance type of data nodes in the cluster. */ instanceType?: pulumi.Input; /** * Number of warm nodes in the cluster. Valid values are between `2` and `150`. `warmCount` can be only and must be set when `warmEnabled` is set to `true`. */ warmCount?: pulumi.Input; /** * Whether to enable warm storage. */ warmEnabled?: pulumi.Input; /** * Instance type for the Elasticsearch cluster's warm nodes. Valid values are `ultrawarm1.medium.elasticsearch`, `ultrawarm1.large.elasticsearch` and `ultrawarm1.xlarge.elasticsearch`. `warmType` can be only and must be set when `warmEnabled` is set to `true`. */ warmType?: pulumi.Input; /** * Configuration block containing zone awareness settings. Detailed below. */ zoneAwarenessConfig?: pulumi.Input; /** * Whether zone awareness is enabled, set to `true` for multi-az deployment. To enable awareness with three Availability Zones, the `availabilityZoneCount` within the `zoneAwarenessConfig` must be set to `3`. */ zoneAwarenessEnabled?: pulumi.Input; } export interface DomainClusterConfigColdStorageOptions { /** * Boolean to enable cold storage for an Elasticsearch domain. Defaults to `false`. Master and ultrawarm nodes must be enabled for cold storage. */ enabled?: pulumi.Input; } export interface DomainClusterConfigZoneAwarenessConfig { /** * Number of Availability Zones for the domain to use with `zoneAwarenessEnabled`. Defaults to `2`. Valid values: `2` or `3`. */ availabilityZoneCount?: pulumi.Input; } export interface DomainCognitoOptions { /** * Whether Amazon Cognito authentication with Kibana is enabled or not. */ enabled?: pulumi.Input; /** * ID of the Cognito Identity Pool to use. */ identityPoolId: pulumi.Input; /** * ARN of the IAM role that has the AmazonESCognitoAccess policy attached. */ roleArn: pulumi.Input; /** * ID of the Cognito User Pool to use. */ userPoolId: pulumi.Input; } export interface DomainDomainEndpointOptions { /** * Fully qualified domain for your custom endpoint. */ customEndpoint?: pulumi.Input; /** * ACM certificate ARN for your custom endpoint. */ customEndpointCertificateArn?: pulumi.Input; /** * Whether to enable custom endpoint for the Elasticsearch domain. */ customEndpointEnabled?: pulumi.Input; /** * Whether or not to require HTTPS. Defaults to `true`. */ enforceHttps?: pulumi.Input; /** * Name of the TLS security policy that needs to be applied to the HTTPS endpoint. Valid values: `Policy-Min-TLS-1-0-2019-07` and `Policy-Min-TLS-1-2-2019-07`. The provider will only perform drift detection if a configuration value is provided. */ tlsSecurityPolicy?: pulumi.Input; } export interface DomainEbsOptions { /** * Whether EBS volumes are attached to data nodes in the domain. */ ebsEnabled: pulumi.Input; /** * Baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the GP3 and Provisioned IOPS EBS volume types. */ iops?: pulumi.Input; /** * Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type. */ throughput?: pulumi.Input; /** * Size of EBS volumes attached to data nodes (in GiB). */ volumeSize?: pulumi.Input; /** * Type of EBS volumes attached to data nodes. */ volumeType?: pulumi.Input; } export interface DomainEncryptAtRest { /** * Whether to enable encryption at rest. If the `encryptAtRest` block is not provided then this defaults to `false`. Enabling encryption on new domains requires `elasticsearchVersion` 5.1 or greater. */ enabled: pulumi.Input; /** * KMS key ARN to encrypt the Elasticsearch domain with. If not specified then it defaults to using the `aws/es` service KMS key. Note that KMS will accept a KMS key ID but will return the key ARN. To prevent the provider detecting unwanted changes, use the key ARN instead. */ kmsKeyId?: pulumi.Input; } export interface DomainLogPublishingOption { /** * ARN of the Cloudwatch log group to which log needs to be published. */ cloudwatchLogGroupArn: pulumi.Input; /** * Whether given log publishing option is enabled or not. */ enabled?: pulumi.Input; /** * Type of Elasticsearch log. Valid values: `INDEX_SLOW_LOGS`, `SEARCH_SLOW_LOGS`, `ES_APPLICATION_LOGS`, `AUDIT_LOGS`. */ logType: pulumi.Input; } export interface DomainNodeToNodeEncryption { /** * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`. Enabling node-to-node encryption of a new domain requires an `elasticsearchVersion` of `6.0` or greater. */ enabled: pulumi.Input; } export interface DomainSamlOptionsSamlOptions { /** * Whether SAML authentication is enabled. */ enabled?: pulumi.Input; /** * Information from your identity provider. */ idp?: pulumi.Input; /** * This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. */ masterBackendRole?: pulumi.Input; /** * This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. */ masterUserName?: pulumi.Input; /** * Element of the SAML assertion to use for backend roles. Default is roles. */ rolesKey?: pulumi.Input; /** * Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440. */ sessionTimeoutMinutes?: pulumi.Input; /** * Custom SAML attribute to use for user names. Default is an empty string - `""`. This will cause Elasticsearch to use the `NameID` element of the `Subject`, which is the default location for name identifiers in the SAML specification. */ subjectKey?: pulumi.Input; } export interface DomainSamlOptionsSamlOptionsIdp { /** * The unique Entity ID of the application in SAML Identity Provider. */ entityId: pulumi.Input; /** * The Metadata of the SAML application in xml format. */ metadataContent: pulumi.Input; } export interface DomainSnapshotOptions { /** * Hour during which the service takes an automated daily snapshot of the indices in the domain. */ automatedSnapshotStartHour: pulumi.Input; } export interface DomainVpcOptions { availabilityZones?: pulumi.Input[]>; /** * List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoints. If omitted, the default Security Group for the VPC will be used. */ securityGroupIds?: pulumi.Input[]>; /** * List of VPC Subnet IDs for the Elasticsearch domain endpoints to be created in. */ subnetIds?: pulumi.Input[]>; vpcId?: pulumi.Input; } } export namespace elastictranscoder { export interface PipelineContentConfig { /** * The Amazon S3 bucket in which you want Elastic Transcoder to save transcoded files and playlists. */ bucket?: pulumi.Input; /** * The Amazon S3 storage class, `Standard` or `ReducedRedundancy`, that you want Elastic Transcoder to assign to the files and playlists that it stores in your Amazon S3 bucket. */ storageClass?: pulumi.Input; } export interface PipelineContentConfigPermission { /** * The permission that you want to give to the AWS user that you specified in `content_config_permissions.grantee`. Valid values are `Read`, `ReadAcp`, `WriteAcp` or `FullControl`. */ accesses?: pulumi.Input[]>; /** * The AWS user or group that you want to have access to transcoded files and playlists. */ grantee?: pulumi.Input; /** * Specify the type of value that appears in the `content_config_permissions.grantee` object. Valid values are `Canonical`, `Email` or `Group`. */ granteeType?: pulumi.Input; } export interface PipelineNotifications { /** * The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder has finished processing a job in this pipeline. */ completed?: pulumi.Input; /** * The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters an error condition while processing a job in this pipeline. */ error?: pulumi.Input; /** * The topic ARN for the Amazon Simple Notification Service (Amazon SNS) topic that you want to notify when Elastic Transcoder has started to process a job in this pipeline. */ progressing?: pulumi.Input; /** * The topic ARN for the Amazon SNS topic that you want to notify when Elastic Transcoder encounters a warning condition while processing a job in this pipeline. * * The `thumbnailConfig` object specifies information about the Amazon S3 bucket in * which you want Elastic Transcoder to save thumbnail files: which bucket to use, * which users you want to have access to the files, the type of access you want * users to have, and the storage class that you want to assign to the files. If * you specify values for `contentConfig`, you must also specify values for * `thumbnailConfig` even if you don't want to create thumbnails. (You control * whether to create thumbnails when you create a job. For more information, see * ThumbnailPattern in the topic Create Job.) If you specify values for * `contentConfig` and `thumbnailConfig`, omit the OutputBucket object. */ warning?: pulumi.Input; } export interface PipelineThumbnailConfig { /** * The Amazon S3 bucket in which you want Elastic Transcoder to save thumbnail files. */ bucket?: pulumi.Input; /** * The Amazon S3 storage class, Standard or ReducedRedundancy, that you want Elastic Transcoder to assign to the thumbnails that it stores in your Amazon S3 bucket. */ storageClass?: pulumi.Input; } export interface PipelineThumbnailConfigPermission { /** * The permission that you want to give to the AWS user that you specified in `thumbnail_config_permissions.grantee`. Valid values are `Read`, `ReadAcp`, `WriteAcp` or `FullControl`. */ accesses?: pulumi.Input[]>; /** * The AWS user or group that you want to have access to thumbnail files. */ grantee?: pulumi.Input; /** * Specify the type of value that appears in the `thumbnail_config_permissions.grantee` object. Valid values are `Canonical`, `Email` or `Group`. */ granteeType?: pulumi.Input; } export interface PresetAudio { /** * The method of organizing audio channels and tracks. Use Audio:Channels to specify the number of channels in your output, and Audio:AudioPackingMode to specify the number of tracks and their relation to the channels. If you do not specify an Audio:AudioPackingMode, Elastic Transcoder uses SingleTrack. */ audioPackingMode?: pulumi.Input; /** * The bit rate of the audio stream in the output file, in kilobits/second. Enter an integer between 64 and 320, inclusive. */ bitRate?: pulumi.Input; /** * The number of audio channels in the output file */ channels?: pulumi.Input; /** * The audio codec for the output file. Valid values are `AAC`, `flac`, `mp2`, `mp3`, `pcm`, and `vorbis`. */ codec?: pulumi.Input; /** * The sample rate of the audio stream in the output file, in hertz. Valid values are: `auto`, `22050`, `32000`, `44100`, `48000`, `96000` */ sampleRate?: pulumi.Input; } export interface PresetAudioCodecOptions { /** * The bit depth of a sample is how many bits of information are included in the audio samples. Valid values are `16` and `24`. (FLAC/PCM Only) */ bitDepth?: pulumi.Input; /** * The order the bits of a PCM sample are stored in. The supported value is LittleEndian. (PCM Only) */ bitOrder?: pulumi.Input; /** * If you specified AAC for Audio:Codec, choose the AAC profile for the output file. */ profile?: pulumi.Input; /** * Whether audio samples are represented with negative and positive numbers (signed) or only positive numbers (unsigned). The supported value is Signed. (PCM Only) */ signed?: pulumi.Input; } export interface PresetThumbnails { /** * The aspect ratio of thumbnails. The following values are valid: auto, 1:1, 4:3, 3:2, 16:9 */ aspectRatio?: pulumi.Input; /** * The format of thumbnails, if any. Valid formats are jpg and png. */ format?: pulumi.Input; /** * The approximate number of seconds between thumbnails. The value must be an integer. The actual interval can vary by several seconds from one thumbnail to the next. */ interval?: pulumi.Input; /** * The maximum height of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 3072, inclusive. */ maxHeight?: pulumi.Input; /** * The maximum width of thumbnails, in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 32 and 4096, inclusive. */ maxWidth?: pulumi.Input; /** * When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of thumbnails to make the total size of the thumbnails match the values that you specified for thumbnail MaxWidth and MaxHeight settings. */ paddingPolicy?: pulumi.Input; /** * The width and height of thumbnail files in pixels, in the format WidthxHeight, where both values are even integers. The values cannot exceed the width and height that you specified in the Video:Resolution object. (To better control resolution and aspect ratio of thumbnails, we recommend that you use the thumbnail values `maxWidth`, `maxHeight`, `sizingPolicy`, and `paddingPolicy` instead of `resolution` and `aspectRatio`. The two groups of settings are mutually exclusive. Do not use them together) */ resolution?: pulumi.Input; /** * A value that controls scaling of thumbnails. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, and `ShrinkToFill`. */ sizingPolicy?: pulumi.Input; } export interface PresetVideo { /** * The display aspect ratio of the video in the output file. Valid values are: `auto`, `1:1`, `4:3`, `3:2`, `16:9`. (Note; to better control resolution and aspect ratio of output videos, we recommend that you use the values `maxWidth`, `maxHeight`, `sizingPolicy`, `paddingPolicy`, and `displayAspectRatio` instead of `resolution` and `aspectRatio`.) */ aspectRatio?: pulumi.Input; /** * The bit rate of the video stream in the output file, in kilobits/second. You can configure variable bit rate or constant bit rate encoding. */ bitRate?: pulumi.Input; /** * The video codec for the output file. Valid values are `gif`, `H.264`, `mpeg2`, `vp8`, and `vp9`. */ codec?: pulumi.Input; /** * The value that Elastic Transcoder adds to the metadata in the output file. If you set DisplayAspectRatio to auto, Elastic Transcoder chooses an aspect ratio that ensures square pixels. If you specify another option, Elastic Transcoder sets that value in the output file. */ displayAspectRatio?: pulumi.Input; /** * Whether to use a fixed value for Video:FixedGOP. Not applicable for containers of type gif. Valid values are true and false. Also known as, Fixed Number of Frames Between Keyframes. */ fixedGop?: pulumi.Input; /** * The frames per second for the video stream in the output file. The following values are valid: `auto`, `10`, `15`, `23.97`, `24`, `25`, `29.97`, `30`, `50`, `60`. */ frameRate?: pulumi.Input; /** * The maximum number of frames between key frames. Not applicable for containers of type gif. */ keyframesMaxDist?: pulumi.Input; /** * If you specify auto for FrameRate, Elastic Transcoder uses the frame rate of the input video for the frame rate of the output video, up to the maximum frame rate. If you do not specify a MaxFrameRate, Elastic Transcoder will use a default of 30. */ maxFrameRate?: pulumi.Input; /** * The maximum height of the output video in pixels. If you specify auto, Elastic Transcoder uses 1080 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 96 and 3072, inclusive. */ maxHeight?: pulumi.Input; /** * The maximum width of the output video in pixels. If you specify auto, Elastic Transcoder uses 1920 (Full HD) as the default value. If you specify a numeric value, enter an even integer between 128 and 4096, inclusive. */ maxWidth?: pulumi.Input; /** * When you set PaddingPolicy to Pad, Elastic Transcoder might add black bars to the top and bottom and/or left and right sides of the output video to make the total size of the output video match the values that you specified for `maxWidth` and `maxHeight`. */ paddingPolicy?: pulumi.Input; /** * The width and height of the video in the output file, in pixels. Valid values are `auto` and `widthxheight`. (see note for `aspectRatio`) */ resolution?: pulumi.Input; /** * A value that controls scaling of the output video. Valid values are: `Fit`, `Fill`, `Stretch`, `Keep`, `ShrinkToFit`, `ShrinkToFill`. */ sizingPolicy?: pulumi.Input; } export interface PresetVideoWatermark { /** * The horizontal position of the watermark unless you specify a nonzero value for `horzontalOffset`. */ horizontalAlign?: pulumi.Input; /** * The amount by which you want the horizontal position of the watermark to be offset from the position specified by `horizontalAlign`. */ horizontalOffset?: pulumi.Input; /** * A unique identifier for the settings for one watermark. The value of Id can be up to 40 characters long. You can specify settings for up to four watermarks. */ id?: pulumi.Input; /** * The maximum height of the watermark. */ maxHeight?: pulumi.Input; /** * The maximum width of the watermark. */ maxWidth?: pulumi.Input; /** * A percentage that indicates how much you want a watermark to obscure the video in the location where it appears. */ opacity?: pulumi.Input; /** * A value that controls scaling of the watermark. Valid values are: `Fit`, `Stretch`, `ShrinkToFit` */ sizingPolicy?: pulumi.Input; /** * A value that determines how Elastic Transcoder interprets values that you specified for `video_watermarks.horizontal_offset`, `video_watermarks.vertical_offset`, `video_watermarks.max_width`, and `video_watermarks.max_height`. Valid values are `Content` and `Frame`. */ target?: pulumi.Input; /** * The vertical position of the watermark unless you specify a nonzero value for `verticalAlign`. Valid values are `Top`, `Bottom`, `Center`. */ verticalAlign?: pulumi.Input; /** * The amount by which you want the vertical position of the watermark to be offset from the position specified by `verticalAlign` */ verticalOffset?: pulumi.Input; } } export namespace elb { export interface LoadBalancerAccessLogs { /** * The S3 bucket name to store the logs in. */ bucket: pulumi.Input; /** * The S3 bucket prefix. Logs are stored in the root if not c