UNPKG

@pulumi/aws-native

Version:

The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)

pulumi.com

pulumi/pulumi-aws-native

131 lines (130 loc) 7.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import { Region } from "./index"; /** * The provider type for the AWS Cloud Control package. By default, resources use package-wide configuration settings, however an explicit `Provider` instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the [documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information. */ export declare class Provider extends pulumi.ProviderResource { /** * Returns true if the given object is an instance of Provider. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Provider; /** * The profile for API operations. If not set, the default profile created with `aws configure` will be used. */ readonly profile: pulumi.Output<string | undefined>; /** * The region where AWS operations will take place. Examples are `us-east-1`, `us-west-2`, etc. */ readonly region: pulumi.Output<Region | undefined>; /** * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead. */ readonly roleArn: pulumi.Output<string | undefined>; /** * The path to the shared credentials file. If not set this defaults to `~/.aws/credentials`. */ readonly sharedCredentialsFile: pulumi.Output<string | undefined>; /** * Create a Provider resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ProviderArgs, opts?: pulumi.ResourceOptions); } /** * The set of arguments for constructing a Provider resource. */ export interface ProviderArgs { /** * The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console. */ accessKey?: pulumi.Input<string>; /** * List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with `forbiddenAccountIds`. */ allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>; /** * Configuration for retrieving temporary credentials from the STS service. */ assumeRole?: pulumi.Input<inputs.ProviderAssumeRoleArgs>; /** * The configuration for automatically naming resources. */ autoNaming?: pulumi.Input<inputs.ProviderAutoNamingArgs>; /** * Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys. */ defaultTags?: pulumi.Input<inputs.ProviderDefaultTagsArgs>; /** * Configuration block for customizing service endpoints. */ endpoints?: pulumi.Input<pulumi.Input<inputs.ProviderEndpointArgs>[]>; /** * List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with `allowedAccountIds`. */ forbiddenAccountIds?: pulumi.Input<pulumi.Input<string>[]>; /** * Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `ec2.Tag`) for situations where external systems are managing certain resource tags. */ ignoreTags?: pulumi.Input<inputs.ProviderIgnoreTagsArgs>; /** * Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is `false`. */ insecure?: pulumi.Input<boolean>; /** * The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown. */ maxRetries?: pulumi.Input<number>; /** * The profile for API operations. If not set, the default profile created with `aws configure` will be used. */ profile?: pulumi.Input<string>; /** * The region where AWS operations will take place. Examples are `us-east-1`, `us-west-2`, etc. */ region: pulumi.Input<Region>; /** * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead. */ roleArn?: pulumi.Input<string>; /** * Set this to true to force the request to use path-style addressing, i.e., `http://s3.amazonaws.com/BUCKET/KEY`. By default, the S3 client will use virtual hosted bucket addressing when possible (`http://BUCKET.s3.amazonaws.com/KEY`). Specific to the Amazon S3 service. */ s3ForcePathStyle?: pulumi.Input<boolean>; /** * The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console. */ secretKey?: pulumi.Input<string>; /** * The path to the shared credentials file. If not set this defaults to `~/.aws/credentials`. */ sharedCredentialsFile?: pulumi.Input<string>; /** * Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented. */ skipCredentialsValidation?: pulumi.Input<boolean>; /** * Skip getting the supported EC2 platforms. Used by users that don't have `ec2:DescribeAccountAttributes` permissions. */ skipGetEc2Platforms?: pulumi.Input<boolean>; /** * Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables. */ skipMetadataApiCheck?: pulumi.Input<boolean>; /** * Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public. */ skipRegionValidation?: pulumi.Input<boolean>; /** * Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API. */ skipRequestingAccountId?: pulumi.Input<boolean>; /** * Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials. */ token?: pulumi.Input<string>; }