Module ec2

@pulumi/awsx > ec2

class AllTcpPorts

extends TcpPorts
implements SecurityGroupRulePorts

constructor

new AllTcpPorts()

property fromPort

public fromPort: pulumi.Input<number>;

property protocol

public protocol: "tcp" = "tcp";

property toPort

public toPort?: pulumi.Input<number>;

class AllTraffic

implements SecurityGroupRulePorts

property fromPort

public fromPort: 0 = 0;

property protocol

public protocol: "-1" = "-1";

property toPort

public toPort: 0 = 0;

class AllUdpPorts

extends UdpPorts
implements SecurityGroupRulePorts

constructor

new AllUdpPorts()

property fromPort

public fromPort: pulumi.Input<number>;

property protocol

public protocol: "udp" = "udp";

property toPort

public toPort?: pulumi.Input<number>;

class AnyIPv4Location

implements SecurityGroupRuleLocation

property cidrBlocks

public cidrBlocks: string[] =  ["0.0.0.0/0"];

class AnyIPv6Location

implements SecurityGroupRuleLocation

property ipv6CidrBlocks

public ipv6CidrBlocks: string[] =  ["::0/0"];

class Cidr32Block

constructor

new Cidr32Block(startIpAddressInclusive: number, subnetMaskLeading1Bits: number)

Do not call directly. Use the static factory methods to generate a cidr block

method fromCidrNotation

public static fromCidrNotation(cidr: string): Cidr32Block

Returns a cidr block given notation like “a.b.c.d/n”

method nextBlock

public nextBlock(): Cidr32Block

method toString

public toString(): string

property endIpAddressExclusive

public endIpAddressExclusive: number;

property startIpAddressInclusive

public startIpAddressInclusive: number;

property subnetMaskLeading1Bits

public subnetMaskLeading1Bits: number;

class EgressSecurityGroupRule

extends SecurityGroupRule

constructor

new EgressSecurityGroupRule(name: string, securityGroup: x.ec2.SecurityGroup, args: EgressSecurityGroupRuleArgs, opts?: pulumi.ComponentResourceOptions)

method egress

public static egress(name: string, securityGroup: x.ec2.SecurityGroup, destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): EgressSecurityGroupRule

method egressArgs

public static egressArgs(destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): EgressSecurityGroupRuleArgs

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method ingress

public static ingress(name: string, securityGroup: x.ec2.SecurityGroup, source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): IngressSecurityGroupRule

method ingressArgs

public static ingressArgs(source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): IngressSecurityGroupRuleArgs

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property securityGroup

public securityGroup: x.ec2.SecurityGroup;

property securityGroupRule

public securityGroupRule: aws.ec2.SecurityGroupRule;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class IcmpPorts

implements SecurityGroupRulePorts

constructor

new IcmpPorts(fromPort: pulumi.Input<number>, toPort?: pulumi.Input<number>)

property fromPort

public fromPort: pulumi.Input<number>;

property protocol

public protocol: "icmp" = "icmp";

property toPort

public toPort?: pulumi.Input<number>;

class IngressSecurityGroupRule

extends SecurityGroupRule

constructor

new IngressSecurityGroupRule(name: string, securityGroup: x.ec2.SecurityGroup, args: IngressSecurityGroupRuleArgs, opts?: pulumi.ComponentResourceOptions)

method egress

public static egress(name: string, securityGroup: x.ec2.SecurityGroup, destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): EgressSecurityGroupRule

method egressArgs

public static egressArgs(destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): EgressSecurityGroupRuleArgs

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method ingress

public static ingress(name: string, securityGroup: x.ec2.SecurityGroup, source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): IngressSecurityGroupRule

method ingressArgs

public static ingressArgs(source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): IngressSecurityGroupRuleArgs

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property securityGroup

public securityGroup: x.ec2.SecurityGroup;

property securityGroupRule

public securityGroupRule: aws.ec2.SecurityGroupRule;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class SecurityGroup

extends ComponentResource

constructor

new SecurityGroup(name: string, args: SecurityGroupArgs, opts: pulumi.ComponentResourceOptions)

method createEgressRule

public createEgressRule(name: string, args: x.ec2.EgressSecurityGroupRuleArgs, opts?: pulumi.ComponentResourceOptions): EgressSecurityGroupRule

method createIngressRule

public createIngressRule(name: string, args: x.ec2.IngressSecurityGroupRuleArgs, opts?: pulumi.ComponentResourceOptions): IngressSecurityGroupRule

method fromExistingId

public static fromExistingId(name: string, id: pulumi.Input<string>, args: SecurityGroupArgs, opts: pulumi.ComponentResourceOptions): SecurityGroup

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method isSecurityGroupInstance

public static isSecurityGroupInstance(obj: any): boolean

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property egressRules

public egressRules: x.ec2.IngressSecurityGroupRule[] =  [];

property id

public id: pulumi.Output<string>;

property ingressRules

public ingressRules: x.ec2.IngressSecurityGroupRule[] =  [];

property securityGroup

public securityGroup: aws.ec2.SecurityGroup;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpc

public vpc: x.ec2.Vpc;

class SecurityGroupRule

extends ComponentResource

constructor

new SecurityGroupRule(type: string, name: string, securityGroup: x.ec2.SecurityGroup, args: SecurityGroupRuleArgs, opts?: pulumi.ComponentResourceOptions)

method egress

public static egress(name: string, securityGroup: x.ec2.SecurityGroup, destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): EgressSecurityGroupRule

method egressArgs

public static egressArgs(destination: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): EgressSecurityGroupRuleArgs

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method ingress

public static ingress(name: string, securityGroup: x.ec2.SecurityGroup, source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>, opts?: pulumi.ComponentResourceOptions): IngressSecurityGroupRule

method ingressArgs

public static ingressArgs(source: SecurityGroupRuleLocation, ports: SecurityGroupRulePorts, description?: pulumi.Input<string>): IngressSecurityGroupRuleArgs

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property securityGroup

public securityGroup: x.ec2.SecurityGroup;

property securityGroupRule

public securityGroupRule: aws.ec2.SecurityGroupRule;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Subnet

extends ComponentResource

constructor

new Subnet(name: string, vpc: x.ec2.Vpc, args: SubnetArgs, opts?: pulumi.ComponentResourceOptions)
new Subnet(name: string, vpc: x.ec2.Vpc, args: ExistingSubnetArgs, opts?: pulumi.ComponentResourceOptions)

method createRoute

public createRoute(name: string, args: RouteArgs, opts?: pulumi.ComponentResourceOptions): void
public createRoute(name: string, provider: SubnetRouteProvider, opts?: pulumi.ComponentResourceOptions): void

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method isSubnetInstance

public static isSubnetInstance(obj: any): boolean

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property id

public id: pulumi.Output<string>;

Underlying id for the aws subnet. This should be used over [this.subnet.id] as this Output will only resolve once the route table and all associations are resolved.

property routeTable

public routeTable: aws.ec2.RouteTable;

property routeTableAssociation

public routeTableAssociation: aws.ec2.RouteTableAssociation;

property routes

public routes: aws.ec2.Route[] =  [];

property subnet

public subnet: aws.ec2.Subnet;

property subnetName

public subnetName: string;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpc

public vpc: x.ec2.Vpc;

class TcpPorts

implements SecurityGroupRulePorts

constructor

new TcpPorts(fromPort: pulumi.Input<number>, toPort?: pulumi.Input<number>)

property fromPort

public fromPort: pulumi.Input<number>;

property protocol

public protocol: "tcp" = "tcp";

property toPort

public toPort?: pulumi.Input<number>;

class UdpPorts

implements SecurityGroupRulePorts

constructor

new UdpPorts(fromPort: pulumi.Input<number>, toPort?: pulumi.Input<number>)

property fromPort

public fromPort: pulumi.Input<number>;

property protocol

public protocol: "udp" = "udp";

property toPort

public toPort?: pulumi.Input<number>;

class Vpc

extends ComponentResource

constructor

new Vpc(name: string, args?: VpcArgs, opts?: pulumi.ComponentResourceOptions)
new Vpc(name: string, args?: ExistingVpcArgs, opts?: pulumi.ComponentResourceOptions)

method addInternetGateway

public addInternetGateway(name: string, subnets?: x.ec2.Subnet[], args: aws.ec2.InternetGatewayArgs, opts?: pulumi.ComponentResourceOptions): InternetGateway

Adds an [awsx.ec2.InternetGateway] to this VPC. Will fail if this Vpc already has an InternetGateway.

method addNatGateway

public addNatGateway(name: string, args: x.ec2.NatGatewayArgs, opts: pulumi.ComponentResourceOptions): NatGateway

Adds an [awsx.ec2.NatGateway] to this VPC. The NatGateway must be supplied a subnet (normally public) to be placed in. After adding the NatGateway you should update the route table associated with one or more of your private subnets to point Internet-bound traffic to the NAT gateway. This enables instances in your private subnets to communicate with the internet.

This can be done by calling [subnet.createRoute] and passing in the newly created NatGateway.

method fromExistingIds

public static fromExistingIds(name: string, idArgs: ExistingVpcIdArgs, opts?: pulumi.ComponentResourceOptions): Vpc

method getDefault

public static getDefault(opts?: pulumi.ComponentResourceOptions): Vpc

Gets the default vpc for the current aws account and region.

See https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html for more details.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method getSubnetIds

public getSubnetIds(type: VpcSubnetType): OutputInstance<string> & { ... }[]

method getSubnets

public getSubnets(type: VpcSubnetType): Subnet[]

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method registerOutputs

protected registerOutputs(outputs?: Inputs | Promise<Inputs> | Output<Inputs>): void

property id

public id: pulumi.Output<string>;

property internetGateway

public internetGateway?: x.ec2.InternetGateway;

The internet gateway created to allow traffic to/from the internet to the public subnets. Only available if this was created using [VpcArgs].

property isolatedSubnetIds

public isolatedSubnetIds: pulumi.Output<string>[] =  [];

property isolatedSubnets

public isolatedSubnets: x.ec2.Subnet[] =  [];

property natGateways

public natGateways: x.ec2.NatGateway[] =  [];

The nat gateways created to allow private subnets access to the internet. Only available if this was created using [VpcArgs].

property privateSubnetIds

public privateSubnetIds: pulumi.Output<string>[] =  [];

property privateSubnets

public privateSubnets: x.ec2.Subnet[] =  [];

property publicSubnetIds

public publicSubnetIds: pulumi.Output<string>[] =  [];

property publicSubnets

public publicSubnets: x.ec2.Subnet[] =  [];

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpc

public vpc: aws.ec2.Vpc;

class VpcTopology

constructor

new VpcTopology(vpc: x.ec2.Vpc, vpcName: string, vpcCidr: string, numberOfAvailabilityZones: number, opts: pulumi.ComponentResourceOptions | undefined)

method createSubnets

public createSubnets(subnetArgsArray: x.ec2.VpcSubnetArgs[]): void

function getIPv4Address

getIPv4Address(value: number): string

function getSecurityGroups

getSecurityGroups(vpc: x.ec2.Vpc, name: string, args: SecurityGroupOrId[] | undefined, opts: pulumi.ResourceOptions | undefined): undefined | SecurityGroup[]

interface EgressSecurityGroupRuleArgs

property cidrBlocks

cidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of CIDR blocks. Cannot be specified with sourceSecurityGroupId.

property description

description?: pulumi.Input<string>;

Description of the rule.

property fromPort

fromPort: pulumi.Input<number>;

The start port (or ICMP type number if protocol is “icmp”).

property ipv6CidrBlocks

ipv6CidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of IPv6 CIDR blocks.

property prefixListIds

prefixListIds?: pulumi.Input<pulumi.Input<string>[]>;

List of prefix list IDs (for allowing access to VPC endpoints).

property protocol

protocol: pulumi.Input<string>;

The protocol. If it is not icmp, tcp, udp, or all, use the protocol number.

property self

self?: pulumi.Input<boolean>;

If true, the security group itself will be added as a source to this ingress rule.

property sourceSecurityGroupId

sourceSecurityGroupId?: pulumi.Input<string>;

The security group id to allow access to/from, depending on the type. Cannot be specified with cidrBlocks.

property toPort

toPort: pulumi.Input<number>;

The end port (or ICMP code if protocol is “icmp”).

interface ExistingSubnetArgs

property subnet

subnet: aws.ec2.Subnet;

Optional existing instance to make the awsx Subnet out of. If this is provided, no RouteTable or RouteTableAssociation will be automatically created.

interface ExistingVpcArgs

property vpc

vpc: aws.ec2.Vpc;

The existing VPC to use. Note that this property is declared as an aws.ec2.Vpc resource, not an id string.

interface ExistingVpcIdArgs

property internetGatewayId

internetGatewayId?: pulumi.Input<string>;

The id of the internet gateway for this VPC

property isolatedSubnetIds

isolatedSubnetIds?: pulumi.Input<string>[];

The isolated subnets for the vpc.

property natGatewayIds

natGatewayIds?: pulumi.Input<string>[];

The ids of the nat gateways for this VPC

property privateSubnetIds

privateSubnetIds?: pulumi.Input<string>[];

The private subnets for the vpc.

property publicSubnetIds

publicSubnetIds?: pulumi.Input<string>[];

The public subnets for the vpc.

property vpcId

vpcId: pulumi.Input<string>;

The id of the VPC.

interface IngressSecurityGroupRuleArgs

property cidrBlocks

cidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of CIDR blocks. Cannot be specified with sourceSecurityGroupId.

property description

description?: pulumi.Input<string>;

Description of the rule.

property fromPort

fromPort: pulumi.Input<number>;

The start port (or ICMP type number if protocol is “icmp”).

property ipv6CidrBlocks

ipv6CidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of IPv6 CIDR blocks.

property protocol

protocol: pulumi.Input<string>;

The protocol. If it is not icmp, tcp, udp, or all, use the protocol number.

property self

self?: pulumi.Input<boolean>;

If true, the security group itself will be added as a source to this ingress rule.

property sourceSecurityGroupId

sourceSecurityGroupId?: pulumi.Input<string>;

The security group id to allow access to/from, depending on the type. Cannot be specified with cidrBlocks.

property toPort

toPort: pulumi.Input<number>;

The end port (or ICMP code if protocol is “icmp”).

interface RouteArgs

The set of arguments for constructing a Route resource.

property destinationCidrBlock

destinationCidrBlock?: pulumi.Input<string>;

The destination CIDR block.

property destinationIpv6CidrBlock

destinationIpv6CidrBlock?: pulumi.Input<string>;

The destination IPv6 CIDR block.

property egressOnlyGatewayId

egressOnlyGatewayId?: pulumi.Input<string>;

Identifier of a VPC Egress Only Internet Gateway.

property gatewayId

gatewayId?: pulumi.Input<string>;

Identifier of a VPC internet gateway or a virtual private gateway.

property instanceId

instanceId?: pulumi.Input<string>;

Identifier of an EC2 instance.

property natGatewayId

natGatewayId?: pulumi.Input<string>;

Identifier of a VPC NAT gateway.

property networkInterfaceId

networkInterfaceId?: pulumi.Input<string>;

Identifier of an EC2 network interface.

property transitGatewayId

transitGatewayId?: pulumi.Input<string>;

Identifier of an EC2 Transit Gateway.

property vpcPeeringConnectionId

vpcPeeringConnectionId?: pulumi.Input<string>;

Identifier of a VPC peering connection.

interface SecurityGroupArgs

property description

description?: pulumi.Input<string>;

The security group description. Defaults to “Managed by Terraform”. Cannot be “”. NOTE: This field maps to the AWS GroupDescription attribute, for which there is no Update API. If you’d like to classify your security groups in a way that can be updated, use tags.

property egress

egress?: x.ec2.EgressSecurityGroupRuleArgs[];

Can be specified multiple times for each egress rule. Each egress block supports fields documented below.

property ingress

ingress?: x.ec2.IngressSecurityGroupRuleArgs[];

Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below.

property revokeRulesOnDelete

revokeRulesOnDelete?: pulumi.Input<boolean>;

Instruct Terraform to revoke all of the Security Group's attached ingress and egress rules before deleting the rule itself. This is normally not needed; however, certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevents the security groups from being destroyed without removing the dependency first. Defaults to false.

property securityGroup

securityGroup?: aws.ec2.SecurityGroup;

An existing SecurityGroup to use for this awsx SecurityGroup. If not provided, a default one will be created.

property tags

tags?: pulumi.Input<aws.Tags>;

property vpc

vpc?: x.ec2.Vpc;

The vpc this security group applies to. Defaults to [Network.getDefault] if unspecified.

interface SecurityGroupRuleArgs

property cidrBlocks

cidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of CIDR blocks. Cannot be specified with sourceSecurityGroupId.

property description

description?: pulumi.Input<string>;

Description of the rule.

property fromPort

fromPort: pulumi.Input<number>;

The start port (or ICMP type number if protocol is “icmp”).

property ipv6CidrBlocks

ipv6CidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of IPv6 CIDR blocks.

property prefixListIds

prefixListIds?: pulumi.Input<pulumi.Input<string>[]>;

List of prefix list IDs (for allowing access to VPC endpoints). Only valid with egress.

property protocol

protocol: pulumi.Input<string>;

The protocol. If it is not icmp, tcp, udp, or all, use the protocol number.

property self

self?: pulumi.Input<boolean>;

If true, the security group itself will be added as a source to this ingress rule.

property sourceSecurityGroupId

sourceSecurityGroupId?: pulumi.Input<string>;

The security group id to allow access to/from, depending on the type. Cannot be specified with cidrBlocks.

property toPort

toPort: pulumi.Input<number>;

The end port (or ICMP code if protocol is “icmp”).

property type

type: pulumi.Input<"ingress" | "egress">;

The type of rule being created. Valid options are ingress (inbound) or egress (outbound).

interface SecurityGroupRuleLocation

property cidrBlocks

cidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of CIDR blocks. Cannot be specified with sourceSecurityGroupId.

property ipv6CidrBlocks

ipv6CidrBlocks?: pulumi.Input<pulumi.Input<string>[]>;

List of IPv6 CIDR blocks.

property sourceSecurityGroupId

sourceSecurityGroupId?: pulumi.Input<string>;

The security group id to allow access to/from, depending on the type. Cannot be specified with cidrBlocks.

interface SecurityGroupRulePorts

property fromPort

fromPort: pulumi.Input<number>;

The start port (or ICMP type number if protocol is “icmp”).

property protocol

protocol: pulumi.Input<SecurityGroupRuleProtocol>;

The protocol. If it is not icmp, tcp, udp, or all, use the protocol number.

property toPort

toPort?: pulumi.Input<number>;

The end port (or ICMP code if protocol is “icmp”). Defaults to ‘fromPort’ if not specified.

interface SubnetArgs

property assignIpv6AddressOnCreation

assignIpv6AddressOnCreation?: pulumi.Input<boolean>;

Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. Default is false

property availabilityZone

availabilityZone?: pulumi.Input<string>;

The AZ for the subnet.

property availabilityZoneId

availabilityZoneId?: pulumi.Input<string>;

The AZ ID of the subnet.

property cidrBlock

cidrBlock: pulumi.Input<string>;

The CIDR block for the subnet.

property ipv6CidrBlock

ipv6CidrBlock?: pulumi.Input<string>;

The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.

property mapPublicIpOnLaunch

mapPublicIpOnLaunch?: pulumi.Input<boolean>;

Specify true to indicate that instances launched into the subnet should be assigned a public IP address. Default is false.

property tags

tags?: pulumi.Input<aws.Tags>;

A mapping of tags to assign to the resource.

interface SubnetRouteProvider

interface VpcArgs

property assignGeneratedIpv6CidrBlock

assignGeneratedIpv6CidrBlock?: pulumi.Input<boolean>;

Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false.

property cidrBlock

cidrBlock?: undefined | string;

The CIDR block for the VPC. Defaults to “10.0.0.0/16” if unspecified.

property enableClassiclink

enableClassiclink?: pulumi.Input<boolean>;

A boolean flag to enable/disable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic. See the ClassicLink documentation for more information. Defaults to false.

property enableClassiclinkDnsSupport

enableClassiclinkDnsSupport?: pulumi.Input<boolean>;

A boolean flag to enable/disable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic.

property enableDnsHostnames

enableDnsHostnames?: pulumi.Input<boolean>;

A boolean flag to enable/disable DNS hostnames in the VPC. Defaults to true if unspecified.

property enableDnsSupport

enableDnsSupport?: pulumi.Input<boolean>;

A boolean flag to enable/disable DNS support in the VPC. Defaults to true if unspecified.

property instanceTenancy

instanceTenancy?: pulumi.Input<"default" | "dedicated">;

A tenancy option for instances launched into the VPC. Defaults to “default” if unspecified.

property numberOfAvailabilityZones

numberOfAvailabilityZones?: undefined | number;

The maximum number of availability zones to use in the current region. Defaults to ‘2’ if unspecified.

property numberOfNatGateways

numberOfNatGateways?: undefined | number;

The number of NAT gateways to create if there are any private subnets created. A NAT gateway enables instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances. A minimum of ‘1’ gateway is needed if an instance is to be allowed connection to the internet.

If this is set, a nat gateway will be made for each availability zone in the current region. The first public subnet for that availability zone will be the one used to place the nat gateway in. If fewer gateways are requested than availability zones, then only that many nat gateways will be created.

Private subnets in an availability zone that contains a nat gateway will route through that gateway. Private subnets in an availability zone that does not contain a nat gateway will be routed to the other nat gateways in a round-robin fashion.

See https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html for more details.

Defaults to [numberOfAvailabilityZones].

property subnets

subnets?: VpcSubnetArgs[];

The information about what subnets to create per availability zone. Defaults to one public and one private subnet if unspecified.

property tags

tags?: pulumi.Input<aws.Tags>;

A mapping of tags to assign to the resource.

interface VpcSubnetArgs

Information that controls how each vpc subnet should be created for each availability zone. The vpc will control actually creating the appropriate subnets in each zone depending on the values specified in this type. This helps ensure that each subnet will reside entirely within one Availability Zone and cannot span zones.

See https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html for more details.

property cidrMask

cidrMask?: undefined | number;

The number of leading bits in the Vpc cidrBlock to use to define the cidrBlock for this subnet. By providing masking bits, this can be computed in a way that ensures that each subnet has a distinct block.

If this is not provided, the cidrBlock for the vpc will be appropriately split based on the number of subnets and availability zones there are.

The allowed mask size is between a 28 netmask and 16 netmask. See https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html for more details.

property name

name?: undefined | string;

An optional name to use as part of the subnet name. If not provided, will be set to “public”/“private”/“isolated” depending on the [type] of this subnet. Required if making multiple subnets with the same type.

property tags

tags?: pulumi.Input<aws.Tags>;

property type

type: VpcSubnetType;

The type of subnet to make in each availability zone.

type SecurityGroupOrId

type SecurityGroupOrId = SecurityGroup | pulumi.Input<string>;

type SecurityGroupRuleProtocol

type SecurityGroupRuleProtocol = "-1" | "tcp" | "udp" | "icmp";

type SubnetOrId

type SubnetOrId = Subnet | pulumi.Input<string>;

type VpcSubnetType

type VpcSubnetType = "public" | "private" | "isolated";

The type of this subnet.

  1. A “public” subnet will route traffic to an [InternetGateway]. If you specify a public subnet this InternetGateway will be created on your behalf and traffic will be routed accordingly.
  2. A “private” subnet is similar to “public” except that the subnet will not have a route to the [InternetGateway]. Instead, there will be a route entry set up for the NatGateway in that availability zone to the subnet.
  3. Unlike “public” or “private” subnets, an “isolated” subnet has no routing specified at all.