@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
862 lines • 56.9 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
import * as enums from "../types/enums";
import { InstanceProfile } from "../iam";
/**
* Provides an EC2 instance resource. This allows instances to be created, updated, and deleted.
*
* ## Example Usage
*
* ### Basic example using AMI lookup
*
* Using a data source
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const ubuntu = aws.ec2.getAmi({
* mostRecent: true,
* filters: [
* {
* name: "name",
* values: ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"],
* },
* {
* name: "virtualization-type",
* values: ["hvm"],
* },
* ],
* owners: ["099720109477"],
* });
* const example = new aws.ec2.Instance("example", {
* ami: ubuntu.then(ubuntu => ubuntu.id),
* instanceType: aws.ec2.InstanceType.T3_Micro,
* tags: {
* Name: "HelloWorld",
* },
* });
* ```
*
* Using AWS Systems Manager Parameter Store
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.ec2.Instance("example", {
* ami: "resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64",
* instanceType: aws.ec2.InstanceType.T3_Micro,
* tags: {
* Name: "HelloWorld",
* },
* });
* ```
*
* ### Spot instance example
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = aws.ec2.getAmi({
* mostRecent: true,
* owners: ["amazon"],
* filters: [
* {
* name: "architecture",
* values: ["arm64"],
* },
* {
* name: "name",
* values: ["al2023-ami-2023*"],
* },
* ],
* });
* const exampleInstance = new aws.ec2.Instance("example", {
* ami: example.then(example => example.id),
* instanceMarketOptions: {
* marketType: "spot",
* spotOptions: {
* maxPrice: "0.0031",
* },
* },
* instanceType: aws.ec2.InstanceType.T4g_Nano,
* tags: {
* Name: "test-spot",
* },
* });
* ```
*
* ### Network and credit specification example
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const myVpc = new aws.ec2.Vpc("my_vpc", {
* cidrBlock: "172.16.0.0/16",
* tags: {
* Name: "tf-example",
* },
* });
* const mySubnet = new aws.ec2.Subnet("my_subnet", {
* vpcId: myVpc.id,
* cidrBlock: "172.16.10.0/24",
* availabilityZone: "us-west-2a",
* tags: {
* Name: "tf-example",
* },
* });
* const example = new aws.ec2.NetworkInterface("example", {
* subnetId: mySubnet.id,
* privateIps: ["172.16.10.100"],
* tags: {
* Name: "primary_network_interface",
* },
* });
* const exampleInstance = new aws.ec2.Instance("example", {
* ami: "ami-005e54dee72cc1d00",
* instanceType: aws.ec2.InstanceType.T2_Micro,
* primaryNetworkInterface: {
* networkInterfaceId: example.id,
* },
* creditSpecification: {
* cpuCredits: "unlimited",
* },
* });
* ```
*
* ### CPU options example
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.ec2.Vpc("example", {
* cidrBlock: "172.16.0.0/16",
* tags: {
* Name: "tf-example",
* },
* });
* const exampleSubnet = new aws.ec2.Subnet("example", {
* vpcId: example.id,
* cidrBlock: "172.16.10.0/24",
* availabilityZone: "us-east-2a",
* tags: {
* Name: "tf-example",
* },
* });
* const amzn_linux_2023_ami = aws.ec2.getAmi({
* mostRecent: true,
* owners: ["amazon"],
* filters: [{
* name: "name",
* values: ["al2023-ami-2023.*-x86_64"],
* }],
* });
* const exampleInstance = new aws.ec2.Instance("example", {
* ami: amzn_linux_2023_ami.then(amzn_linux_2023_ami => amzn_linux_2023_ami.id),
* instanceType: aws.ec2.InstanceType.C6a_2XLarge,
* subnetId: exampleSubnet.id,
* cpuOptions: {
* coreCount: 2,
* threadsPerCore: 2,
* },
* tags: {
* Name: "tf-example",
* },
* });
* ```
*
* ### Host resource group or License Manager registered AMI example
*
* A host resource group is a collection of Dedicated Hosts that you can manage as a single entity. As you launch instances, License Manager allocates the hosts and launches instances on them based on the settings that you configured. You can add existing Dedicated Hosts to a host resource group and take advantage of automated host management through License Manager.
*
* > **NOTE:** A dedicated host is automatically associated with a License Manager host resource group if **Allocate hosts automatically** is enabled. Otherwise, use the `hostResourceGroupArn` argument to explicitly associate the instance with the host resource group.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _this = new aws.ec2.Instance("this", {
* ami: "ami-0dcc1e21636832c5d",
* instanceType: aws.ec2.InstanceType.M5_Large,
* hostResourceGroupArn: "arn:aws:resource-groups:us-west-2:123456789012:group/win-testhost",
* tenancy: "host",
* });
* ```
*
* ## Tag Guide
*
* These are the five types of tags you might encounter relative to an `aws.ec2.Instance`:
*
* 1. **Instance tags**: Applied to instances but not to `ebsBlockDevice` and `rootBlockDevice` volumes.
* 2. **Default tags**: Applied to the instance and to `ebsBlockDevice` and `rootBlockDevice` volumes.
* 3. **Volume tags**: Applied during creation to `ebsBlockDevice` and `rootBlockDevice` volumes.
* 4. **Root block device tags**: Applied only to the `rootBlockDevice` volume. These conflict with `volumeTags`.
* 5. **EBS block device tags**: Applied only to the specific `ebsBlockDevice` volume you configure them for and cannot be updated. These conflict with `volumeTags`.
*
* Do not use `volumeTags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.
*
* ## Import
*
* ### Identity Schema
*
* #### Required
*
* * `id` - (String) ID of the instance.
*
* #### Optional
*
* * `account_id` (String) AWS Account where this resource is managed.
*
* * `region` (String) Region where this resource is managed.
*
* Using `pulumi import`, import instances using the `id`. For example:
*
* console
*
* % pulumi import aws_instance.web i-12345678
*/
export declare class Instance extends pulumi.CustomResource {
/**
* Get an existing Instance resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance;
/**
* Returns true if the given object is an instance of Instance. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Instance;
/**
* AMI to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.
*/
readonly ami: pulumi.Output<string>;
/**
* ARN of the instance.
*/
readonly arn: pulumi.Output<string>;
/**
* Whether to associate a public IP address with an instance in a VPC.
*/
readonly associatePublicIpAddress: pulumi.Output<boolean>;
/**
* AZ to start the instance in.
*/
readonly availabilityZone: pulumi.Output<string>;
/**
* Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.
*/
readonly capacityReservationSpecification: pulumi.Output<outputs.ec2.InstanceCapacityReservationSpecification>;
/**
* The CPU options for the instance. See CPU Options below for more details.
*/
readonly cpuOptions: pulumi.Output<outputs.ec2.InstanceCpuOptions>;
/**
* Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.
*/
readonly creditSpecification: pulumi.Output<outputs.ec2.InstanceCreditSpecification | undefined>;
/**
* If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).
*/
readonly disableApiStop: pulumi.Output<boolean>;
/**
* If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).
*/
readonly disableApiTermination: pulumi.Output<boolean>;
/**
* One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.
*/
readonly ebsBlockDevices: pulumi.Output<outputs.ec2.InstanceEbsBlockDevice[]>;
/**
* If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.
*/
readonly ebsOptimized: pulumi.Output<boolean>;
/**
* Whether to assign a primary IPv6 Global Unicast Address (GUA) to the instance when launched in a dual-stack or IPv6-only subnet. A primary IPv6 address ensures a consistent IPv6 address for the instance and is automatically assigned by AWS to the ENI. Once enabled, the first IPv6 GUA becomes the primary IPv6 address and cannot be disabled. The primary IPv6 address remains until the instance is terminated or the ENI is detached. Disabling `enablePrimaryIpv6` after it has been enabled forces recreation of the instance.
*/
readonly enablePrimaryIpv6: pulumi.Output<boolean>;
/**
* Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.
*/
readonly enclaveOptions: pulumi.Output<outputs.ec2.InstanceEnclaveOptions>;
/**
* One or more configuration blocks to customize Ephemeral (also known as "Instance Store") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.
*/
readonly ephemeralBlockDevices: pulumi.Output<outputs.ec2.InstanceEphemeralBlockDevice[]>;
/**
* Destroys instance even if `disableApiTermination` or `disableApiStop` is set to `true`. Defaults to `false`. Once this parameter is set to `true`, a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the instance or destroying the instance, this flag will not work. Additionally when importing an instance, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.
*/
readonly forceDestroy: pulumi.Output<boolean | undefined>;
/**
* If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `passwordData` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.
*/
readonly getPasswordData: pulumi.Output<boolean | undefined>;
/**
* If true, the launched EC2 instance will support hibernation.
*/
readonly hibernation: pulumi.Output<boolean | undefined>;
/**
* ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.
*/
readonly hostId: pulumi.Output<string>;
/**
* ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.
*/
readonly hostResourceGroupArn: pulumi.Output<string>;
/**
* IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.
*/
readonly iamInstanceProfile: pulumi.Output<string>;
/**
* Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.
*/
readonly instanceInitiatedShutdownBehavior: pulumi.Output<string>;
/**
* Indicates whether this is a Spot Instance or a Scheduled Instance.
*/
readonly instanceLifecycle: pulumi.Output<string>;
/**
* Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.
*/
readonly instanceMarketOptions: pulumi.Output<outputs.ec2.InstanceInstanceMarketOptions>;
/**
* State of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.
*/
readonly instanceState: pulumi.Output<string>;
/**
* Instance type to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instanceType` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.
*/
readonly instanceType: pulumi.Output<string>;
/**
* Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.
*/
readonly ipv6AddressCount: pulumi.Output<number>;
/**
* Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface
*/
readonly ipv6Addresses: pulumi.Output<string[]>;
/**
* Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.
*/
readonly keyName: pulumi.Output<string>;
/**
* Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.
*/
readonly launchTemplate: pulumi.Output<outputs.ec2.InstanceLaunchTemplate | undefined>;
/**
* Maintenance and recovery options for the instance. See Maintenance Options below for more details.
*/
readonly maintenanceOptions: pulumi.Output<outputs.ec2.InstanceMaintenanceOptions>;
/**
* Customize the metadata options of the instance. See Metadata Options below for more details.
*/
readonly metadataOptions: pulumi.Output<outputs.ec2.InstanceMetadataOptions>;
/**
* If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)
*/
readonly monitoring: pulumi.Output<boolean>;
/**
* Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.
*
* @deprecated network_interface is deprecated. To specify the primary network interface, use primaryNetworkInterface instead. To attach additional network interfaces, use the aws.ec2.NetworkInterfaceAttachment resource.
*/
readonly networkInterfaces: pulumi.Output<outputs.ec2.InstanceNetworkInterface[]>;
/**
* ARN of the Outpost the instance is assigned to.
*/
readonly outpostArn: pulumi.Output<string>;
/**
* Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `getPasswordData` is true. Note that this encrypted value will be stored in the state file, as with all exported attributes. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.
*/
readonly passwordData: pulumi.Output<string>;
/**
* Placement Group to start the instance in. Conflicts with `placementGroupId`.
*/
readonly placementGroup: pulumi.Output<string>;
/**
* Placement Group ID to start the instance in. Conflicts with `placementGroup`.
*/
readonly placementGroupId: pulumi.Output<string>;
/**
* Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `"partition"`.
*/
readonly placementPartitionNumber: pulumi.Output<number>;
/**
* The primary network interface. See Primary Network Interface below.
*/
readonly primaryNetworkInterface: pulumi.Output<outputs.ec2.InstancePrimaryNetworkInterface>;
/**
* ID of the instance's primary network interface.
*/
readonly primaryNetworkInterfaceId: pulumi.Output<string>;
/**
* Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.
*/
readonly privateDns: pulumi.Output<string>;
/**
* Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.
*/
readonly privateDnsNameOptions: pulumi.Output<outputs.ec2.InstancePrivateDnsNameOptions>;
/**
* Private IP address to associate with the instance in a VPC.
*/
readonly privateIp: pulumi.Output<string>;
/**
* Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.
*/
readonly publicDns: pulumi.Output<string>;
/**
* Public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `publicIp` as this field will change after the EIP is attached.
*/
readonly publicIp: pulumi.Output<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.
*/
readonly rootBlockDevice: pulumi.Output<outputs.ec2.InstanceRootBlockDevice>;
/**
* List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `networkInterface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.
*/
readonly secondaryPrivateIps: pulumi.Output<string[]>;
/**
* List of security group names to associate with.
*
* > **NOTE:** If you are creating Instances in a VPC, use `vpcSecurityGroupIds` instead.
*
* @deprecated Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates.
*/
readonly securityGroups: pulumi.Output<string[]>;
/**
* Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.
*/
readonly sourceDestCheck: pulumi.Output<boolean | undefined>;
/**
* If the request is a Spot Instance request, the ID of the request.
*/
readonly spotInstanceRequestId: pulumi.Output<string>;
/**
* VPC Subnet ID to launch in.
*/
readonly subnetId: pulumi.Output<string>;
/**
* Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.
*/
readonly tenancy: pulumi.Output<string>;
/**
* User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `userDataBase64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `userDataReplaceOnChange` is set then updates to this field will trigger a destroy and recreate of the EC2 instance.
*/
readonly userData: pulumi.Output<string | undefined>;
/**
* Can be used instead of `userData` to pass base64-encoded binary data directly. Use this instead of `userData` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `userDataReplaceOnChange` is set then updates to this field will trigger a destroy and recreate of the EC2 instance.
*/
readonly userDataBase64: pulumi.Output<string>;
/**
* When used in combination with `userData` or `userDataBase64` will trigger a destroy and recreate of the EC2 instance when set to `true`. Defaults to `false` if not set.
*/
readonly userDataReplaceOnChange: pulumi.Output<boolean | undefined>;
/**
* Map of tags to assign, at instance-creation time, to root and EBS volumes.
*
* > **NOTE:** Do not use `volumeTags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.
*/
readonly volumeTags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* List of security group IDs to associate with.
*/
readonly vpcSecurityGroupIds: pulumi.Output<string[]>;
/**
* Create a Instance resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: InstanceArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Instance resources.
*/
export interface InstanceState {
/**
* AMI to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.
*/
ami?: pulumi.Input<string>;
/**
* ARN of the instance.
*/
arn?: pulumi.Input<string>;
/**
* Whether to associate a public IP address with an instance in a VPC.
*/
associatePublicIpAddress?: pulumi.Input<boolean>;
/**
* AZ to start the instance in.
*/
availabilityZone?: pulumi.Input<string>;
/**
* Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.
*/
capacityReservationSpecification?: pulumi.Input<inputs.ec2.InstanceCapacityReservationSpecification>;
/**
* The CPU options for the instance. See CPU Options below for more details.
*/
cpuOptions?: pulumi.Input<inputs.ec2.InstanceCpuOptions>;
/**
* Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.
*/
creditSpecification?: pulumi.Input<inputs.ec2.InstanceCreditSpecification>;
/**
* If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).
*/
disableApiStop?: pulumi.Input<boolean>;
/**
* If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).
*/
disableApiTermination?: pulumi.Input<boolean>;
/**
* One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.
*/
ebsBlockDevices?: pulumi.Input<pulumi.Input<inputs.ec2.InstanceEbsBlockDevice>[]>;
/**
* If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.
*/
ebsOptimized?: pulumi.Input<boolean>;
/**
* Whether to assign a primary IPv6 Global Unicast Address (GUA) to the instance when launched in a dual-stack or IPv6-only subnet. A primary IPv6 address ensures a consistent IPv6 address for the instance and is automatically assigned by AWS to the ENI. Once enabled, the first IPv6 GUA becomes the primary IPv6 address and cannot be disabled. The primary IPv6 address remains until the instance is terminated or the ENI is detached. Disabling `enablePrimaryIpv6` after it has been enabled forces recreation of the instance.
*/
enablePrimaryIpv6?: pulumi.Input<boolean>;
/**
* Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.
*/
enclaveOptions?: pulumi.Input<inputs.ec2.InstanceEnclaveOptions>;
/**
* One or more configuration blocks to customize Ephemeral (also known as "Instance Store") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.
*/
ephemeralBlockDevices?: pulumi.Input<pulumi.Input<inputs.ec2.InstanceEphemeralBlockDevice>[]>;
/**
* Destroys instance even if `disableApiTermination` or `disableApiStop` is set to `true`. Defaults to `false`. Once this parameter is set to `true`, a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the instance or destroying the instance, this flag will not work. Additionally when importing an instance, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `passwordData` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.
*/
getPasswordData?: pulumi.Input<boolean>;
/**
* If true, the launched EC2 instance will support hibernation.
*/
hibernation?: pulumi.Input<boolean>;
/**
* ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.
*/
hostId?: pulumi.Input<string>;
/**
* ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.
*/
hostResourceGroupArn?: pulumi.Input<string>;
/**
* IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.
*/
iamInstanceProfile?: pulumi.Input<string | InstanceProfile>;
/**
* Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.
*/
instanceInitiatedShutdownBehavior?: pulumi.Input<string>;
/**
* Indicates whether this is a Spot Instance or a Scheduled Instance.
*/
instanceLifecycle?: pulumi.Input<string>;
/**
* Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.
*/
instanceMarketOptions?: pulumi.Input<inputs.ec2.InstanceInstanceMarketOptions>;
/**
* State of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`. See [Instance Lifecycle](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) for more information.
*/
instanceState?: pulumi.Input<string>;
/**
* Instance type to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instanceType` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.
*/
instanceType?: pulumi.Input<string | enums.ec2.InstanceType>;
/**
* Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.
*/
ipv6AddressCount?: pulumi.Input<number>;
/**
* Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface
*/
ipv6Addresses?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Key name of the Key Pair to use for the instance; which can be managed using the `aws.ec2.KeyPair` resource.
*/
keyName?: pulumi.Input<string>;
/**
* Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template. See Launch Template Specification below for more details.
*/
launchTemplate?: pulumi.Input<inputs.ec2.InstanceLaunchTemplate>;
/**
* Maintenance and recovery options for the instance. See Maintenance Options below for more details.
*/
maintenanceOptions?: pulumi.Input<inputs.ec2.InstanceMaintenanceOptions>;
/**
* Customize the metadata options of the instance. See Metadata Options below for more details.
*/
metadataOptions?: pulumi.Input<inputs.ec2.InstanceMetadataOptions>;
/**
* If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)
*/
monitoring?: pulumi.Input<boolean>;
/**
* Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.
*
* @deprecated network_interface is deprecated. To specify the primary network interface, use primaryNetworkInterface instead. To attach additional network interfaces, use the aws.ec2.NetworkInterfaceAttachment resource.
*/
networkInterfaces?: pulumi.Input<pulumi.Input<inputs.ec2.InstanceNetworkInterface>[]>;
/**
* ARN of the Outpost the instance is assigned to.
*/
outpostArn?: pulumi.Input<string>;
/**
* Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `getPasswordData` is true. Note that this encrypted value will be stored in the state file, as with all exported attributes. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.
*/
passwordData?: pulumi.Input<string>;
/**
* Placement Group to start the instance in. Conflicts with `placementGroupId`.
*/
placementGroup?: pulumi.Input<string>;
/**
* Placement Group ID to start the instance in. Conflicts with `placementGroup`.
*/
placementGroupId?: pulumi.Input<string>;
/**
* Number of the partition the instance is in. Valid only if the `aws.ec2.PlacementGroup` resource's `strategy` argument is set to `"partition"`.
*/
placementPartitionNumber?: pulumi.Input<number>;
/**
* The primary network interface. See Primary Network Interface below.
*/
primaryNetworkInterface?: pulumi.Input<inputs.ec2.InstancePrimaryNetworkInterface>;
/**
* ID of the instance's primary network interface.
*/
primaryNetworkInterfaceId?: pulumi.Input<string>;
/**
* Private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC.
*/
privateDns?: pulumi.Input<string>;
/**
* Options for the instance hostname. The default values are inherited from the subnet. See Private DNS Name Options below for more details.
*/
privateDnsNameOptions?: pulumi.Input<inputs.ec2.InstancePrivateDnsNameOptions>;
/**
* Private IP address to associate with the instance in a VPC.
*/
privateIp?: pulumi.Input<string>;
/**
* Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.
*/
publicDns?: pulumi.Input<string>;
/**
* Public IP address assigned to the instance, if applicable. **NOTE**: If you are using an `aws.ec2.Eip` with your instance, you should refer to the EIP's address directly and not use `publicIp` as this field will change after the EIP is attached.
*/
publicIp?: pulumi.Input<string>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Configuration block to customize details about the root block device of the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a list containing one object.
*/
rootBlockDevice?: pulumi.Input<inputs.ec2.InstanceRootBlockDevice>;
/**
* List of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e., referenced in a `networkInterface` block. Refer to the [Elastic network interfaces documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) to see the maximum number of private IP addresses allowed per instance type.
*/
secondaryPrivateIps?: pulumi.Input<pulumi.Input<string>[]>;
/**
* List of security group names to associate with.
*
* > **NOTE:** If you are creating Instances in a VPC, use `vpcSecurityGroupIds` instead.
*
* @deprecated Use of `securityGroups` is discouraged as it does not allow for changes and will force your instance to be replaced if changes are made. To avoid this, use `vpcSecurityGroupIds` which allows for updates.
*/
securityGroups?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.
*/
sourceDestCheck?: pulumi.Input<boolean>;
/**
* If the request is a Spot Instance request, the ID of the request.
*/
spotInstanceRequestId?: pulumi.Input<string>;
/**
* VPC Subnet ID to launch in.
*/
subnetId?: pulumi.Input<string>;
/**
* Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command. Valid values are `default`, `dedicated`, and `host`.
*/
tenancy?: pulumi.Input<string | enums.ec2.Tenancy>;
/**
* User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see `userDataBase64` instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `userDataReplaceOnChange` is set then updates to this field will trigger a destroy and recreate of the EC2 instance.
*/
userData?: pulumi.Input<string>;
/**
* Can be used instead of `userData` to pass base64-encoded binary data directly. Use this instead of `userData` whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. Updates to this field will trigger a stop/start of the EC2 instance by default. If the `userDataReplaceOnChange` is set then updates to this field will trigger a destroy and recreate of the EC2 instance.
*/
userDataBase64?: pulumi.Input<string>;
/**
* When used in combination with `userData` or `userDataBase64` will trigger a destroy and recreate of the EC2 instance when set to `true`. Defaults to `false` if not set.
*/
userDataReplaceOnChange?: pulumi.Input<boolean>;
/**
* Map of tags to assign, at instance-creation time, to root and EBS volumes.
*
* > **NOTE:** Do not use `volumeTags` if you plan to manage block device tags outside the `aws.ec2.Instance` configuration, such as using `tags` in an `aws.ebs.Volume` resource attached via `aws.ec2.VolumeAttachment`. Doing so will result in resource cycling and inconsistent behavior.
*/
volumeTags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* List of security group IDs to associate with.
*/
vpcSecurityGroupIds?: pulumi.Input<pulumi.Input<string>[]>;
}
/**
* The set of arguments for constructing a Instance resource.
*/
export interface InstanceArgs {
/**
* AMI to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting `ami` will override the AMI specified in the Launch Template.
*/
ami?: pulumi.Input<string>;
/**
* Whether to associate a public IP address with an instance in a VPC.
*/
associatePublicIpAddress?: pulumi.Input<boolean>;
/**
* AZ to start the instance in.
*/
availabilityZone?: pulumi.Input<string>;
/**
* Describes an instance's Capacity Reservation targeting option. See Capacity Reservation Specification below for more details.
*/
capacityReservationSpecification?: pulumi.Input<inputs.ec2.InstanceCapacityReservationSpecification>;
/**
* The CPU options for the instance. See CPU Options below for more details.
*/
cpuOptions?: pulumi.Input<inputs.ec2.InstanceCpuOptions>;
/**
* Configuration block for customizing the credit specification of the instance. See Credit Specification below for more details. This provider will only perform drift detection of its value when present in a configuration. Removing this configuration on existing instances will only stop managing it. It will not change the configuration back to the default for the instance type.
*/
creditSpecification?: pulumi.Input<inputs.ec2.InstanceCreditSpecification>;
/**
* If true, enables [EC2 Instance Stop Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).
*/
disableApiStop?: pulumi.Input<boolean>;
/**
* If true, enables [EC2 Instance Termination Protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination).
*/
disableApiTermination?: pulumi.Input<boolean>;
/**
* One or more configuration blocks with additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection. When accessing this as an attribute reference, it is a set of objects.
*/
ebsBlockDevices?: pulumi.Input<pulumi.Input<inputs.ec2.InstanceEbsBlockDevice>[]>;
/**
* If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the [EBS Optimized section](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) of the AWS User Guide for more information.
*/
ebsOptimized?: pulumi.Input<boolean>;
/**
* Whether to assign a primary IPv6 Global Unicast Address (GUA) to the instance when launched in a dual-stack or IPv6-only subnet. A primary IPv6 address ensures a consistent IPv6 address for the instance and is automatically assigned by AWS to the ENI. Once enabled, the first IPv6 GUA becomes the primary IPv6 address and cannot be disabled. The primary IPv6 address remains until the instance is terminated or the ENI is detached. Disabling `enablePrimaryIpv6` after it has been enabled forces recreation of the instance.
*/
enablePrimaryIpv6?: pulumi.Input<boolean>;
/**
* Enable Nitro Enclaves on launched instances. See Enclave Options below for more details.
*/
enclaveOptions?: pulumi.Input<inputs.ec2.InstanceEnclaveOptions>;
/**
* One or more configuration blocks to customize Ephemeral (also known as "Instance Store") volumes on the instance. See Block Devices below for details. When accessing this as an attribute reference, it is a set of objects.
*/
ephemeralBlockDevices?: pulumi.Input<pulumi.Input<inputs.ec2.InstanceEphemeralBlockDevice>[]>;
/**
* Destroys instance even if `disableApiTermination` or `disableApiStop` is set to `true`. Defaults to `false`. Once this parameter is set to `true`, a successful `pulumi up` run before a destroy is required to update this value in the resource state. Without a successful `pulumi up` after this parameter is set, this flag will have no effect. If setting this field in the same operation that would require replacing the instance or destroying the instance, this flag will not work. Additionally when importing an instance, a successful `pulumi up` is required to set this value in state before it will take effect on a destroy operation.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the `passwordData` attribute. See [GetPasswordData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html) for more information.
*/
getPasswordData?: pulumi.Input<boolean>;
/**
* If true, the launched EC2 instance will support hibernation.
*/
hibernation?: pulumi.Input<boolean>;
/**
* ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.
*/
hostId?: pulumi.Input<string>;
/**
* ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host`.
*/
hostResourceGroupArn?: pulumi.Input<string>;
/**
* IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the [EC2 documentation](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html#roles-usingrole-ec2instance-permissions), notably `iam:PassRole`.
*/
iamInstanceProfile?: pulumi.Input<string | InstanceProfile>;
/**
* Shutdown behavior for the instance. Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances. See [Shutdown Behavior](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingInstanceInitiatedShutdownBehavior) for more information.
*/
instanceInitiatedShutdownBehavior?: pulumi.Input<string>;
/**
* Describes the market (purchasing) option for the instances. See Market Options below for details on attributes.
*/
instanceMarketOptions?: pulumi.Input<inputs.ec2.InstanceInstanceMarketOptions>;
/**
* Instance type to use for the instance. Required unless `launchTemplate` is specified and the Launch Template specifies an instance type. If an instance type is specified in the Launch Template, setting `instanceType` will override the instance type specified in the Launch Template. Updates to this field will trigger a stop/start of the EC2 instance.
*/
instanceType?: pulumi.Input<string | enums.ec2.InstanceType>;
/**
* Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.
*/
ipv6AddressCount?: pulumi.Input<number>;
/**
* Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface
*/
ipv6Addresses?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Key name of the Ke