mirrors
/
pulumi
mirror of https://github.com/pulumi/pulumi.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
pulumi/tests/testdata/codegen/awsx-1.0.0-beta.5.json

2883 lines
178 KiB
JSON
Raw Permalink Blame History

{
"name": "awsx",
"description": "Pulumi Amazon Web Services (AWS) AWSX Components.",
"keywords": [
"pulumi",
"aws",
"awsx"
],
"homepage": "https://pulumi.com",
"license": "Apache-2.0",
"repository": "https://github.com/pulumi/pulumi-awsx",
"config": {},
"types": {
"awsx:awsx:Bucket": {
"description": "The set of arguments for constructing a Bucket resource.",
"properties": {
"accelerationStatus": {
"type": "string",
"description": "Sets the accelerate configuration of an existing bucket. Can be `Enabled` or `Suspended`.\n"
},
"acl": {
"type": "string",
"description": "The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply. Valid values are `private`, `public-read`, `public-read-write`, `aws-exec-read`, `authenticated-read`, and `log-delivery-write`. Defaults to `private`. Conflicts with `grant`.\n"
},
"arn": {
"type": "string",
"description": "The ARN of the bucket. Will be of format `arn:aws:s3:::bucketname`.\n"
},
"bucket": {
"type": "string",
"description": "The name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n",
"language": {
"csharp": {
"name": "BucketName"
}
}
},
"bucketPrefix": {
"type": "string",
"description": "Creates a unique bucket name beginning with the specified prefix. Conflicts with `bucket`. Must be lowercase and less than or equal to 37 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n"
},
"corsRules": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketCorsRule:BucketCorsRule"
},
"description": "A rule of [Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) (documented below).\n"
},
"forceDestroy": {
"type": "boolean",
"description": "A boolean that indicates all objects (including any [locked objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)) should be deleted from the bucket so that the bucket can be destroyed without error. These objects are *not* recoverable.\n"
},
"grants": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketGrant:BucketGrant"
},
"description": "An [ACL policy grant](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#sample-acl) (documented below). Conflicts with `acl`.\n"
},
"hostedZoneId": {
"type": "string",
"description": "The [Route 53 Hosted Zone ID](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_website_region_endpoints) for this bucket's region.\n"
},
"lifecycleRules": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketLifecycleRule:BucketLifecycleRule"
},
"description": "A configuration of [object lifecycle management](http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) (documented below).\n"
},
"loggings": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketLogging:BucketLogging"
},
"description": "A settings of [bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html) (documented below).\n"
},
"objectLockConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketObjectLockConfiguration:BucketObjectLockConfiguration",
"description": "A configuration of [S3 object locking](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) (documented below)\n"
},
"policy": {
"type": "string",
"description": "A valid [bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html) JSON document. Note that if the policy document is not specific enough (but still valid), this provider may view the policy as constantly changing in a `pulumi preview`. In this case, please make sure you use the verbose/specific version of the policy.\n"
},
"replicationConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketReplicationConfiguration:BucketReplicationConfiguration",
"description": "A configuration of [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html) (documented below).\n"
},
"requestPayer": {
"type": "string",
"description": "Specifies who should bear the cost of Amazon S3 data transfer.\nCan be either `BucketOwner` or `Requester`. By default, the owner of the S3 bucket would incur\nthe costs of any data transfer. See [Requester Pays Buckets](http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html)\ndeveloper guide for more information.\n"
},
"serverSideEncryptionConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration",
"description": "A configuration of [server-side encryption configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) (documented below)\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the bucket. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"versioning": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketVersioning:BucketVersioning",
"description": "A state of [versioning](https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html) (documented below)\n"
},
"website": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:s3/BucketWebsite:BucketWebsite",
"description": "A website object (documented below).\n"
},
"websiteDomain": {
"type": "string",
"description": "The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.\n"
},
"websiteEndpoint": {
"type": "string",
"description": "The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.\n"
}
},
"type": "object"
},
"awsx:awsx:DefaultBucket": {
"description": "Bucket with default setup unless explicitly skipped.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:Bucket",
"plain": true,
"description": "Arguments to use instead of the default values during creation."
},
"existing": {
"$ref": "#/types/awsx:awsx:ExistingBucket",
"plain": true,
"description": "Identity of an existing bucket to use. Cannot be used in combination with `args`."
},
"skip": {
"type": "boolean",
"plain": true,
"description": "Skip creation of the bucket."
}
},
"type": "object"
},
"awsx:awsx:DefaultLogGroup": {
"description": "Log group with default setup unless explicitly skipped.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:LogGroup",
"plain": true,
"description": "Arguments to use instead of the default values during creation."
},
"existing": {
"$ref": "#/types/awsx:awsx:ExistingLogGroup",
"plain": true,
"description": "Identity of an existing log group to use. Cannot be used in combination with `args` or `opts`."
},
"skip": {
"type": "boolean",
"plain": true,
"description": "Skip creation of the log group."
}
},
"type": "object"
},
"awsx:awsx:DefaultRoleWithPolicy": {
"description": "Role and policy attachments with default setup unless explicitly skipped or an existing role ARN provided.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:RoleWithPolicy",
"plain": true,
"description": "Args to use when creating the role and policies. Can't be specified if `roleArn` is used."
},
"roleArn": {
"type": "string",
"description": "ARN of existing role to use instead of creating a new role. Cannot be used in combination with `args` or `opts`."
},
"skip": {
"type": "boolean",
"plain": true,
"description": "Skips creation of the role if set to `true`."
}
},
"type": "object"
},
"awsx:awsx:DefaultSecurityGroup": {
"description": "Security Group with default setup unless explicitly skipped or an existing security group id provided.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:SecurityGroup",
"plain": true,
"description": "Args to use when creating the security group. Can't be specified if `securityGroupId` is used."
},
"securityGroupId": {
"type": "string",
"description": "Id of existing security group to use instead of creating a new security group. Cannot be used in combination with `args` or `opts`."
},
"skip": {
"type": "boolean",
"plain": true,
"description": "Skips creation of the security group if set to `true`."
}
},
"type": "object"
},
"awsx:awsx:ExistingBucket": {
"description": "Reference to an existing bucket.",
"properties": {
"arn": {
"type": "string",
"description": "Arn of the bucket. Only one of [arn] or [name] can be specified."
},
"name": {
"type": "string",
"description": "Name of the bucket. Only one of [arn] or [name] can be specified."
}
},
"type": "object"
},
"awsx:awsx:ExistingLogGroup": {
"description": "Reference to an existing log group.",
"properties": {
"arn": {
"type": "string",
"description": "Arn of the log group. Only one of [arn] or [name] can be specified."
},
"name": {
"type": "string",
"description": "Name of the log group. Only one of [arn] or [name] can be specified."
},
"region": {
"type": "string",
"description": "Region of the log group. If not specified, the provider region will be used."
}
},
"type": "object"
},
"awsx:awsx:LogGroup": {
"description": "The set of arguments for constructing a LogGroup resource.",
"properties": {
"kmsKeyId": {
"type": "string",
"description": "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group,\nAWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires\npermissions for the CMK whenever the encrypted data is requested.\n"
},
"name": {
"type": "string",
"description": "The name of the log group. If omitted, this provider will assign a random, unique name.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n"
},
"retentionInDays": {
"type": "integer",
"description": "Specifies the number of days\nyou want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0.\nIf you select 0, the events in the log group are always retained and never expire.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"type": "object"
},
"awsx:awsx:OptionalLogGroup": {
"description": "Log group which is only created if enabled.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:LogGroup",
"plain": true,
"description": "Arguments to use instead of the default values during creation."
},
"enable": {
"type": "boolean",
"plain": true,
"description": "Enable creation of the log group."
},
"existing": {
"$ref": "#/types/awsx:awsx:ExistingLogGroup",
"plain": true,
"description": "Identity of an existing log group to use. Cannot be used in combination with `args` or `opts`."
}
},
"type": "object"
},
"awsx:awsx:RequiredBucket": {
"description": "Bucket with default setup.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:Bucket",
"plain": true,
"description": "Arguments to use instead of the default values during creation."
},
"existing": {
"$ref": "#/types/awsx:awsx:ExistingBucket",
"plain": true,
"description": "Identity of an existing bucket to use. Cannot be used in combination with `args`."
}
},
"type": "object"
},
"awsx:awsx:RequiredLogGroup": {
"description": "Log group with default setup.",
"properties": {
"args": {
"$ref": "#/types/awsx:awsx:LogGroup",
"plain": true,
"description": "Arguments to use instead of the default values during creation."
},
"existing": {
"$ref": "#/types/awsx:awsx:ExistingLogGroup",
"plain": true,
"description": "Identity of an existing log group to use. Cannot be used in combination with `args` or `opts`."
}
},
"type": "object"
},
"awsx:awsx:RoleWithPolicy": {
"description": "The set of arguments for constructing a Role resource and Policy attachments.",
"properties": {
"description": {
"type": "string",
"description": "Description of the role.\n"
},
"forceDetachPolicies": {
"type": "boolean",
"description": "Whether to force detaching any policies the role has before destroying it. Defaults to `false`.\n"
},
"inlinePolicies": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:iam/RoleInlinePolicy:RoleInlinePolicy"
},
"description": "Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inline_policy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.\n"
},
"managedPolicyArns": {
"type": "array",
"items": {
"type": "string"
},
"description": "Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managed_policy_arns = []`) will cause the provider to remove _all_ managed policy attachments.\n"
},
"maxSessionDuration": {
"type": "integer",
"description": "Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n"
},
"name": {
"type": "string",
"description": "Name of the role policy.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.\n"
},
"path": {
"type": "string",
"description": "Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.\n"
},
"permissionsBoundary": {
"type": "string",
"description": "ARN of the policy that is used to set the permissions boundary for the role.\n"
},
"policyArns": {
"type": "array",
"items": {
"type": "string",
"plain": true
},
"plain": true,
"description": "ARNs of the policies to attach to the created role."
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value mapping of tags for the IAM role. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"type": "object"
},
"awsx:awsx:SecurityGroup": {
"description": "The set of arguments for constructing a Security Group resource.",
"properties": {
"description": {
"type": "string",
"description": "Description of this egress rule.\n",
"default": "Managed by Pulumi"
},
"egress": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ec2/SecurityGroupEgress:SecurityGroupEgress"
},
"description": "Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below.\n"
},
"ingress": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ec2/SecurityGroupIngress:SecurityGroupIngress"
},
"description": "Configuration block for egress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below.\n"
},
"name": {
"type": "string",
"description": "Name of the security group. If omitted, this provider will assign a random, unique name.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n"
},
"revokeRulesOnDelete": {
"type": "boolean",
"description": "Instruct this provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default `false`.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Map of tags to assign to the resource.\n"
},
"vpcId": {
"type": "string",
"description": "VPC ID.\n"
}
},
"type": "object"
},
"awsx:cloudtrail:LogGroup": {
"description": "Defines the log group configuration for the CloudWatch Log Group to send logs to.",
"properties": {
"kmsKeyId": {
"type": "string",
"description": "The ARN of the KMS Key to use when encrypting log data."
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix"
},
"retentionInDays": {
"type": "integer",
"description": "Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0. If you select 0, the events in the log group are always retained and never expire."
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with provider defaultTags present, tags with matching keys will overwrite those defined at the provider-level."
}
},
"type": "object"
},
"awsx:ec2:NatGatewayConfiguration": {
"description": "Configuration for NAT Gateways.",
"properties": {
"elasticIpAllocationIds": {
"type": "array",
"items": {
"type": "string"
},
"plain": true,
"description": "A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones)."
},
"strategy": {
"$ref": "#/types/awsx:ec2:NatGatewayStrategy",
"plain": true,
"description": "The strategy for deploying NAT Gateways."
}
},
"type": "object",
"required": [
"strategy"
]
},
"awsx:ec2:NatGatewayStrategy": {
"description": "A strategy for creating NAT Gateways for private subnets within a VPC.",
"type": "string",
"enum": [
{
"description": "Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.",
"value": "None"
},
{
"description": "Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.",
"value": "Single"
},
{
"description": "Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.",
"value": "OnePerAz"
}
]
},
"awsx:ec2:SubnetSpec": {
"description": "Configuration for a VPC subnet.",
"properties": {
"cidrMask": {
"type": "integer",
"plain": true,
"description": "The bitmask for the subnet's CIDR block."
},
"name": {
"type": "string",
"plain": true,
"description": "The subnet's name. Will be templated upon creation."
},
"type": {
"$ref": "#/types/awsx:ec2:SubnetType",
"plain": true,
"description": "The type of subnet."
}
},
"type": "object",
"required": [
"type",
"cidrMask"
]
},
"awsx:ec2:SubnetType": {
"description": "A type of subnet within a VPC.",
"type": "string",
"enum": [
{
"description": "A subnet whose hosts can directly communicate with the internet.",
"value": "Public"
},
{
"description": "A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.",
"value": "Private"
},
{
"description": "A subnet whose hosts have no connectivity with the internet.",
"value": "Isolated"
}
]
},
"awsx:ec2:VpcEndpointSpec": {
"description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Basic\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n vpcId: aws_vpc.main.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n vpc_id=aws_vpc[\"main\"][\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new Aws.Ec2.VpcEndpointArgs\n {\n VpcId = aws_vpc.Main.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"s3\", &ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(aws_vpc.Main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new VpcEndpoint(\"s3\", VpcEndpointArgs.builder() \n .vpcId(aws_vpc.getMain().getId())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${aws_vpc.main.id}\n serviceName: com.amazonaws.us-west-2.s3\n```\n{{% /example %}}\n{{% example %}}\n### Basic w/ Tags\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.ec2.VpcEndpoint(\"s3\", {\n vpcId: aws_vpc.main.id,\n serviceName: \"com.amazonaws.us-west-2.s3\",\n tags: {\n Environment: \"test\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.ec2.VpcEndpoint(\"s3\",\n vpc_id=aws_vpc[\"main\"][\"id\"],\n service_name=\"com.amazonaws.us-west-2.s3\",\n tags={\n \"Environment\": \"test\",\n })\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var s3 = new Aws.Ec2.VpcEndpoint(\"s3\", new Aws.Ec2.VpcEndpointArgs\n {\n VpcId = aws_vpc.Main.Id,\n ServiceName = \"com.amazonaws.us-west-2.s3\",\n Tags = \n {\n { \"Environment\", \"test\" },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"s3\", &ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(aws_vpc.Main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.s3\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new VpcEndpoint(\"s3\", VpcEndpointArgs.builder() \n .vpcId(aws_vpc.getMain().getId())\n .serviceName(\"com.amazonaws.us-west-2.s3\")\n .tags(Map.of(\"Environment\", \"test\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${aws_vpc.main.id}\n serviceName: com.amazonaws.us-west-2.s3\n tags:\n Environment: test\n```\n{{% /example %}}\n{{% example %}}\n### Interface Endpoint Type\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.ec2.VpcEndpoint(\"ec2\", {\n vpcId: aws_vpc.main.id,\n serviceName: \"com.amazonaws.us-west-2.ec2\",\n vpcEndpointType: \"Interface\",\n securityGroupIds: [aws_security_group.sg1.id],\n privateDnsEnabled: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.ec2.VpcEndpoint(\"ec2\",\n vpc_id=aws_vpc[\"main\"][\"id\"],\n service_name=\"com.amazonaws.us-west-2.ec2\",\n vpc_endpoint_type=\"Interface\",\n security_group_ids=[aws_security_group[\"sg1\"][\"id\"]],\n private_dns_enabled=True)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var ec2 = new Aws.Ec2.VpcEndpoint(\"ec2\", new Aws.Ec2.VpcEndpointArgs\n {\n VpcId = aws_vpc.Main.Id,\n ServiceName = \"com.amazonaws.us-west-2.ec2\",\n VpcEndpointType = \"Interface\",\n SecurityGroupIds = \n {\n aws_security_group.Sg1.Id,\n },\n PrivateDnsEnabled = true,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpcEndpoint(ctx, \"ec2\", &ec2.VpcEndpointArgs{\n\t\t\tVpcId: pulumi.Any(aws_vpc.Main.Id),\n\t\t\tServiceName: pulumi.String(\"com.amazonaws.us-west-2.ec2\"),\n\t\t\tVpcEndpointType: pulumi.String(\"Interface\"),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.Any(aws_security_group.Sg1.Id),\n\t\t\t},\n\t\t\tPrivateDnsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec2 = new VpcEndpoint(\"ec2\", VpcEndpointArgs.builder() \n .vpcId(aws_vpc.getMain().getId())\n .serviceName(\"com.amazonaws.us-west-2.ec2\")\n .vpcEndpointType(\"Interface\")\n .securityGroupIds(aws_security_group.getSg1().getId())\n .privateDnsEnabled(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec2:\n type: aws:ec2:VpcEndpoint\n properties:\n vpcId: ${aws_vpc.main.id}\n serviceName: com.amazonaws.us-west-2.ec2\n vpcEndpointType: Interface\n securityGroupIds:\n - ${aws_security_group.sg1.id}\n privateDnsEnabled: true\n```\n{{% /example %}}\n{{% example %}}\n### Gateway Load Balancer Endpoint Type\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst exampleVpcEndpointService = new aws.ec2.VpcEndpointService(\"exampleVpcEndpointService\", {\n acceptanceRequired: false,\n allowedPrincipals: [current.then(current => current.arn)],\n gatewayLoadBalancerArns: [aws_lb.example.arn],\n});\nconst exampleVpcEndpoint = new aws.ec2.VpcEndpoint(\"exampleVpcEndpoint\", {\n serviceName: exampleVpcEndpointService.serviceName,\n subnetIds: [aws_subnet.example.id],\n vpcEndpointType: exampleVpcEndpointService.serviceType,\n vpcId: aws_vpc.example.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample_vpc_endpoint_service = aws.ec2.VpcEndpointService(\"exampleVpcEndpointService\",\n acceptance_required=False,\n allowed_principals=[current.arn],\n gateway_load_balancer_arns=[aws_lb[\"example\"][\"arn\"]])\nexample_vpc_endpoint = aws.ec2.VpcEndpoint(\"exampleVpcEndpoint\",\n service_name=example_vpc_endpoint_service.service_name,\n subnet_ids=[aws_subnet[\"example\"][\"id\"]],\n vpc_endpoint_type=example_vpc_endpoint_service.service_type,\n vpc_id=aws_vpc[\"example\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var current = Output.Create(Aws.GetCallerIdentity.InvokeAsync());\n var exampleVpcEndpointService = new Aws.Ec2.VpcEndpointService(\"exampleVpcEndpointService\", new Aws.Ec2.VpcEndpointServiceArgs\n {\n AcceptanceRequired = false,\n AllowedPrincipals = \n {\n current.Apply(current => current.Arn),\n },\n GatewayLoadBalancerArns = \n {\n aws_lb.Example.Arn,\n },\n });\n var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint(\"exampleVpcEndpoint\", new Aws.Ec2.VpcEndpointArgs\n {\n ServiceName = exampleVpcEndpointService.ServiceName,\n SubnetIds = \n {\n aws_subnet.Example.Id,\n },\n VpcEndpointType = exampleVpcEndpointService.ServiceType,\n VpcId = aws_vpc.Example.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcEndpointService, err := ec2.NewVpcEndpointService(ctx, \"exampleVpcEndpointService\", &ec2.VpcEndpointServiceArgs{\n\t\t\tAcceptanceRequired: pulumi.Bool(false),\n\t\t\tAllowedPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(current.Arn),\n\t\t\t},\n\t\t\tGatewayLoadBalancerArns: pulumi.StringArray{\n\t\t\t\tpulumi.Any(aws_lb.Example.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcEndpoint(ctx, \"exampleVpcEndpoint\", &ec2.VpcEndpointArgs{\n\t\t\tServiceName: exampleVpcEndpointService.ServiceName,\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.Any(aws_subnet.Example.Id),\n\t\t\t},\n\t\t\tVpcEndpointType: exampleVpcEndpointService.ServiceType,\n\t\t\tVpcId: pulumi.Any(aws_vpc.Example.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = Output.of(AwsFunctions.getCallerIdentity());\n\n var exampleVpcEndpointService = new VpcEndpointService(\"exampleVpcEndpointService\", VpcEndpointServiceArgs.builder() \n .acceptanceRequired(false)\n .allowedPrincipals(current.apply(getCallerIdentityResult -> getCallerIdentityResult.getArn()))\n .gatewayLoadBalancerArns(aws_lb.getExample().getArn())\n .build());\n\n var exampleVpcEndpoint = new VpcEndpoint(\"exampleVpcEndpoint\", VpcEndpointArgs.builder() \n .serviceName(exampleVpcEndpointService.getServiceName())\n .subnetIds(aws_subnet.getExample().getId())\n .vpcEndpointType(exampleVpcEndpointService.getServiceType())\n .vpcId(aws_vpc.getExample().getId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleVpcEndpointService:\n type: aws:ec2:VpcEndpointService\n properties:\n acceptanceRequired: false\n allowedPrincipals:\n - ${current.arn}\n gatewayLoadBalancerArns:\n - ${aws_lb.example.arn}\n exampleVpcEndpoint:\n type: aws:ec2:VpcEndpoint\n properties:\n serviceName: ${exampleVpcEndpointService.serviceName}\n subnetIds:\n - ${aws_subnet.example.id}\n vpcEndpointType: ${exampleVpcEndpointService.serviceType}\n vpcId: ${aws_vpc.example.id}\nvariables:\n current:\n Fn::Invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nVPC Endpoints can be imported using the `vpc endpoint id`, e.g.,\n\n```sh\n $ pulumi import aws:ec2/vpcEndpoint:VpcEndpoint endpoint1 vpce-3ecf2a57\n```\n\n ",
"properties": {
"autoAccept": {
"type": "boolean",
"plain": true,
"description": "Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account)."
},
"policy": {
"type": "string",
"description": "A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All `Gateway` and some `Interface` endpoints support policies - see the [relevant AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html) for more details.\n"
},
"privateDnsEnabled": {
"type": "boolean",
"plain": true,
"description": "Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to `false`."
},
"routeTableIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "One or more route table IDs. Applicable for endpoints of type `Gateway`.\n"
},
"securityGroupIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type `Interface`.\nIf no security groups are specified, the VPC's [default security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#DefaultSecurityGroup) is associated with the endpoint.\n"
},
"serviceName": {
"type": "string",
"plain": true,
"description": "The service name. For AWS services the service name is usually in the form `com.amazonaws.<region>.<service>` (the SageMaker Notebook service is an exception to this rule, the service name is in the form `aws.sagemaker.<region>.notebook`)."
},
"subnetIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type `GatewayLoadBalancer` and `Interface`.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"vpcEndpointType": {
"type": "string",
"description": "The VPC endpoint type, `Gateway`, `GatewayLoadBalancer`, or `Interface`. Defaults to `Gateway`.\n"
}
},
"type": "object",
"required": [
"serviceName"
]
},
"awsx:ecr:DockerBuild": {
"description": "Arguments for building a docker image",
"properties": {
"args": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "An optional map of named build-time argument variables to set during the Docker build. This flag allows you to pass built-time variables that can be accessed like environment variables inside the `RUN` instruction."
},
"cacheFrom": {
"type": "array",
"items": {
"type": "string"
},
"description": "Images to consider as cache sources"
},
"dockerfile": {
"type": "string",
"description": "dockerfile may be used to override the default Dockerfile name and/or location. By default, it is assumed to be a file named Dockerfile in the root of the build context."
},
"env": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Environment variables to set on the invocation of `docker build`, for example to support `DOCKER_BUILDKIT=1 docker build`."
},
"extraOptions": {
"type": "array",
"items": {
"type": "string"
},
"description": "An optional catch-all list of arguments to provide extra CLI options to the docker build command. For example `['--network', 'host']`."
},
"path": {
"type": "string",
"description": "Path to a directory to use for the Docker build context, usually the directory in which the Dockerfile resides (although dockerfile may be used to choose a custom location independent of this choice). If not specified, the context defaults to the current working directory; if a relative path is used, it is relative to the current working directory that Pulumi is evaluating."
},
"target": {
"type": "string",
"description": "The target of the dockerfile to build"
}
},
"type": "object"
},
"awsx:ecr:lifecyclePolicy": {
"description": "Simplified lifecycle policy model consisting of one or more rules that determine which images in a repository should be expired. See https://docs.aws.amazon.com/AmazonECR/latest/userguide/lifecycle_policy_examples.html for more details.",
"properties": {
"rules": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecr:lifecyclePolicyRule"
},
"description": "Specifies the rules to determine how images should be retired from this repository. Rules are ordered from lowest priority to highest. If there is a rule with a `selection` value of `any`, then it will have the highest priority."
},
"skip": {
"type": "boolean",
"plain": true,
"description": "Skips creation of the policy if set to `true`."
}
},
"type": "object"
},
"awsx:ecr:lifecyclePolicyRule": {
"description": "A lifecycle policy rule that determine which images in a repository should be expired.",
"properties": {
"description": {
"type": "string",
"description": "Describes the purpose of a rule within a lifecycle policy."
},
"maximumAgeLimit": {
"type": "number",
"description": "The maximum age limit (in days) for your images. Either [maximumNumberOfImages] or [maximumAgeLimit] must be provided."
},
"maximumNumberOfImages": {
"type": "number",
"description": "The maximum number of images that you want to retain in your repository. Either [maximumNumberOfImages] or [maximumAgeLimit] must be provided."
},
"tagPrefixList": {
"type": "array",
"items": {
"type": "string"
},
"description": "A list of image tag prefixes on which to take action with your lifecycle policy. Only used if you specified \"tagStatus\": \"tagged\". For example, if your images are tagged as prod, prod1, prod2, and so on, you would use the tag prefix prod to specify all of them. If you specify multiple tags, only the images with all specified tags are selected."
},
"tagStatus": {
"$ref": "#/types/awsx:ecr:lifecycleTagStatus",
"description": "Determines whether the lifecycle policy rule that you are adding specifies a tag for an image. Acceptable options are tagged, untagged, or any. If you specify any, then all images have the rule evaluated against them. If you specify tagged, then you must also specify a tagPrefixList value. If you specify untagged, then you must omit tagPrefixList."
}
},
"type": "object",
"required": [
"tagStatus"
]
},
"awsx:ecr:lifecycleTagStatus": {
"type": "string",
"enum": [
{
"name": "any",
"description": "Evaluate rule against all images",
"value": "any"
},
{
"name": "untagged",
"description": "Only evaluate rule against untagged images",
"value": "untagged"
},
{
"name": "tagged",
"description": "Only evaluated rule against images with specified prefixes",
"value": "tagged"
}
]
},
"awsx:ecs:EC2ServiceTaskDefinition": {
"description": "Create a TaskDefinition resource with the given unique name, arguments, and options.\nCreates required log-group and task & execution roles.\nPresents required Service load balancers if target group included in port mappings.",
"properties": {
"container": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true,
"description": "Single container to make a TaskDefinition from. Useful for simple cases where there aren't\nmultiple containers, especially when creating a TaskDefinition to call [run] on.\n\nEither [container] or [containers] must be provided."
},
"containers": {
"type": "object",
"additionalProperties": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true
},
"plain": true,
"description": "All the containers to make a TaskDefinition from. Useful when creating a Service that will\ncontain many containers within.\n\nEither [container] or [containers] must be provided."
},
"cpu": {
"type": "string",
"description": "The number of cpu units used by the task. If not provided, a default will be computed based on the cumulative needs specified by [containerDefinitions]"
},
"ephemeralStorage": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage",
"description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n"
},
"executionRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "The execution role that the Amazon ECS container agent and the Docker daemon can assume.\nWill be created automatically if not defined."
},
"family": {
"type": "string",
"description": "An optional unique name for your task definition. If not specified, then a default will be created."
},
"inferenceAccelerators": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator"
},
"description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n"
},
"ipcMode": {
"type": "string",
"description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n"
},
"logGroup": {
"$ref": "#/types/awsx:awsx:DefaultLogGroup",
"plain": true,
"description": "A set of volume blocks that containers in your task may use."
},
"memory": {
"type": "string",
"description": "The amount (in MiB) of memory used by the task. If not provided, a default will be computed\nbased on the cumulative needs specified by [containerDefinitions]"
},
"networkMode": {
"type": "string",
"description": "Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host`.\n"
},
"pidMode": {
"type": "string",
"description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint"
},
"description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n"
},
"proxyConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration",
"description": "Configuration block for the App Mesh proxy. Detailed below.\n"
},
"runtimePlatform": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform",
"description": "Configuration block for runtime_platform that containers in your task may use.\n"
},
"skipDestroy": {
"type": "boolean"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags.\n"
},
"taskRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "IAM role that allows your Amazon ECS container task to make calls to other AWS services.\nWill be created automatically if not defined."
},
"volumes": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume"
},
"description": "Configuration block for volumes that containers in your task may use. Detailed below.\n"
}
},
"type": "object"
},
"awsx:ecs:FargateServiceTaskDefinition": {
"description": "Create a TaskDefinition resource with the given unique name, arguments, and options.\nCreates required log-group and task & execution roles.\nPresents required Service load balancers if target group included in port mappings.",
"properties": {
"container": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true,
"description": "Single container to make a TaskDefinition from. Useful for simple cases where there aren't\nmultiple containers, especially when creating a TaskDefinition to call [run] on.\n\nEither [container] or [containers] must be provided."
},
"containers": {
"type": "object",
"additionalProperties": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true
},
"plain": true,
"description": "All the containers to make a TaskDefinition from. Useful when creating a Service that will\ncontain many containers within.\n\nEither [container] or [containers] must be provided."
},
"cpu": {
"type": "string",
"description": "The number of cpu units used by the task. If not provided, a default will be computed based on the cumulative needs specified by [containerDefinitions]"
},
"ephemeralStorage": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage",
"description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n"
},
"executionRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "The execution role that the Amazon ECS container agent and the Docker daemon can assume.\nWill be created automatically if not defined."
},
"family": {
"type": "string",
"description": "An optional unique name for your task definition. If not specified, then a default will be created."
},
"inferenceAccelerators": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator"
},
"description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n"
},
"ipcMode": {
"type": "string",
"description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n"
},
"logGroup": {
"$ref": "#/types/awsx:awsx:DefaultLogGroup",
"plain": true,
"description": "A set of volume blocks that containers in your task may use."
},
"memory": {
"type": "string",
"description": "The amount (in MiB) of memory used by the task. If not provided, a default will be computed\nbased on the cumulative needs specified by [containerDefinitions]"
},
"pidMode": {
"type": "string",
"description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint"
},
"description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n"
},
"proxyConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration",
"description": "Configuration block for the App Mesh proxy. Detailed below.\n"
},
"runtimePlatform": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform",
"description": "Configuration block for runtime_platform that containers in your task may use.\n"
},
"skipDestroy": {
"type": "boolean"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags.\n"
},
"taskRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "IAM role that allows your Amazon ECS container task to make calls to other AWS services.\nWill be created automatically if not defined."
},
"volumes": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume"
},
"description": "Configuration block for volumes that containers in your task may use. Detailed below.\n"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionContainerDefinition": {
"description": "List of container definitions that are passed to the Docker daemon on a container instance",
"properties": {
"command": {
"type": "array",
"items": {
"type": "string"
}
},
"cpu": {
"type": "integer"
},
"dependsOn": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDependency"
}
},
"disableNetworking": {
"type": "boolean"
},
"dnsSearchDomains": {
"type": "array",
"items": {
"type": "string"
}
},
"dnsServers": {
"type": "array",
"items": {
"type": "string"
}
},
"dockerLabels": {
"$ref": "pulumi.json#/Any"
},
"dockerSecurityOptions": {
"type": "array",
"items": {
"type": "string"
}
},
"entryPoint": {
"type": "array",
"items": {
"type": "string"
}
},
"environment": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionKeyValuePair"
},
"description": "The environment variables to pass to a container"
},
"environmentFiles": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionEnvironmentFile"
},
"description": "The list of one or more files that contain the environment variables to pass to a container"
},
"essential": {
"type": "boolean"
},
"extraHosts": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionHostEntry"
}
},
"firelensConfiguration": {
"$ref": "#/types/awsx:ecs:TaskDefinitionFirelensConfiguration"
},
"healthCheck": {
"$ref": "#/types/awsx:ecs:TaskDefinitionHealthCheck"
},
"hostname": {
"type": "string"
},
"image": {
"type": "string",
"description": "The image used to start a container. This string is passed directly to the Docker daemon."
},
"interactive": {
"type": "boolean"
},
"links": {
"type": "array",
"items": {
"type": "string"
}
},
"linuxParameters": {
"$ref": "#/types/awsx:ecs:TaskDefinitionLinuxParameters"
},
"logConfiguration": {
"$ref": "#/types/awsx:ecs:TaskDefinitionLogConfiguration"
},
"memory": {
"type": "integer",
"description": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed."
},
"memoryReservation": {
"type": "integer"
},
"mountPoints": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionMountPoint"
}
},
"name": {
"type": "string",
"description": "The name of a container. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed"
},
"portMappings": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionPortMapping"
},
"description": "Port mappings allow containers to access ports on the host container instance to send or receive traffic."
},
"privileged": {
"type": "boolean"
},
"pseudoTerminal": {
"type": "boolean"
},
"readonlyRootFilesystem": {
"type": "boolean"
},
"repositoryCredentials": {
"$ref": "#/types/awsx:ecs:TaskDefinitionRepositoryCredentials"
},
"resourceRequirements": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionResourceRequirement"
}
},
"secrets": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionSecret"
}
},
"startTimeout": {
"type": "integer"
},
"stopTimeout": {
"type": "integer"
},
"systemControls": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionSystemControl"
}
},
"ulimits": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionUlimit"
}
},
"user": {
"type": "string"
},
"volumesFrom": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionVolumeFrom"
}
},
"workingDirectory": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionContainerDependency": {
"properties": {
"condition": {
"type": "string"
},
"containerName": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionDevice": {
"properties": {
"containerPath": {
"type": "string"
},
"hostPath": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionEnvironmentFile": {
"properties": {
"type": {
"type": "string"
},
"value": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionFirelensConfiguration": {
"properties": {
"options": {
"$ref": "pulumi.json#/Any"
},
"type": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionHealthCheck": {
"description": "The health check command and associated configuration parameters for the container.",
"properties": {
"command": {
"type": "array",
"items": {
"type": "string"
},
"description": "A string array representing the command that the container runs to determine if it is healthy."
},
"interval": {
"type": "integer",
"description": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds."
},
"retries": {
"type": "integer",
"description": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is three retries."
},
"startPeriod": {
"type": "integer",
"description": "The optional grace period within which to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You may specify between 0 and 300 seconds. The startPeriod is disabled by default."
},
"timeout": {
"type": "integer",
"description": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5 seconds."
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionHostEntry": {
"properties": {
"hostname": {
"type": "string"
},
"ipAddress": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionKernelCapabilities": {
"properties": {
"add": {
"type": "array",
"items": {
"type": "string"
}
},
"drop": {
"type": "array",
"items": {
"type": "string"
}
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionKeyValuePair": {
"properties": {
"name": {
"type": "string"
},
"value": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionLinuxParameters": {
"properties": {
"capabilities": {
"$ref": "#/types/awsx:ecs:TaskDefinitionKernelCapabilities"
},
"devices": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionDevice"
}
},
"initProcessEnabled": {
"type": "boolean"
},
"maxSwap": {
"type": "integer"
},
"sharedMemorySize": {
"type": "integer"
},
"swappiness": {
"type": "integer"
},
"tmpfs": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionTmpfs"
}
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionLogConfiguration": {
"properties": {
"logDriver": {
"type": "string"
},
"options": {
"$ref": "pulumi.json#/Any"
},
"secretOptions": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ecs:TaskDefinitionSecret"
}
}
},
"type": "object",
"required": [
"logDriver"
]
},
"awsx:ecs:TaskDefinitionMountPoint": {
"properties": {
"containerPath": {
"type": "string"
},
"readOnly": {
"type": "boolean"
},
"sourceVolume": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionPortMapping": {
"properties": {
"containerPort": {
"type": "integer"
},
"hostPort": {
"type": "integer"
},
"protocol": {
"type": "string"
},
"targetGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2FtargetGroup:TargetGroup"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionRepositoryCredentials": {
"properties": {
"credentialsParameter": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionResourceRequirement": {
"properties": {
"type": {
"type": "string"
},
"value": {
"type": "string"
}
},
"type": "object",
"required": [
"type",
"value"
]
},
"awsx:ecs:TaskDefinitionSecret": {
"properties": {
"name": {
"type": "string"
},
"valueFrom": {
"type": "string"
}
},
"type": "object",
"required": [
"name",
"valueFrom"
]
},
"awsx:ecs:TaskDefinitionSystemControl": {
"properties": {
"namespace": {
"type": "string"
},
"value": {
"type": "string"
}
},
"type": "object"
},
"awsx:ecs:TaskDefinitionTmpfs": {
"properties": {
"containerPath": {
"type": "string"
},
"mountOptions": {
"type": "array",
"items": {
"type": "string"
}
},
"size": {
"type": "integer"
}
},
"type": "object",
"required": [
"size"
]
},
"awsx:ecs:TaskDefinitionUlimit": {
"properties": {
"hardLimit": {
"type": "integer"
},
"name": {
"type": "string"
},
"softLimit": {
"type": "integer"
}
},
"type": "object",
"required": [
"hardLimit",
"name",
"softLimit"
]
},
"awsx:ecs:TaskDefinitionVolumeFrom": {
"properties": {
"readOnly": {
"type": "boolean"
},
"sourceContainer": {
"type": "string"
}
},
"type": "object"
},
"awsx:lb:Listener": {
"description": "Provides a Load Balancer Listener resource.\n\n> **Note:** `aws.alb.Listener` is known as `aws.lb.Listener`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Forward Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"frontEndLoadBalancer\", {});\n// ...\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"frontEndTargetGroup\", {});\n// ...\nconst frontEndListener = new aws.lb.Listener(\"frontEndListener\", {\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\n# ...\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\n# ...\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n load_balancer_arn=front_end_load_balancer.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[aws.lb.ListenerDefaultActionArgs(\n type=\"forward\",\n target_group_arn=front_end_target_group.arn,\n )])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n // ...\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n // ...\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEndLoadBalancer = new LoadBalancer(\"frontEndLoadBalancer\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder() \n .loadBalancerArn(frontEndLoadBalancer.getArn())\n .port(\"443\")\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultAction.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.getArn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEndLoadBalancer:\n type: aws:lb:LoadBalancer\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n frontEndListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${frontEndLoadBalancer.arn}\n port: 443\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\nTo a NLB:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"frontEnd\", {\n loadBalancerArn: aws_lb.front_end.arn,\n port: 443,\n protocol: \"TLS\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: aws_lb_target_group.front_end.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"frontEnd\",\n load_balancer_arn=aws_lb[\"front_end\"][\"arn\"],\n port=443,\n protocol=\"TLS\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[aws.lb.ListenerDefaultActionArgs(\n type=\"forward\",\n target_group_arn=aws_lb_target_group[\"front_end\"][\"arn\"],\n )])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEnd = new Aws.LB.Listener(\"frontEnd\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = aws_lb.Front_end.Arn,\n Port = 443,\n Protocol = \"TLS\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = aws_lb_target_group.Front_end.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"frontEnd\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(aws_lb.Front_end.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(aws_lb_target_group.Front_end.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder() \n .loadBalancerArn(aws_lb.getFront_end().getArn())\n .port(\"443\")\n .protocol(\"TLS\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultAction.builder()\n .type(\"forward\")\n .targetGroupArn(aws_lb_target_group.getFront_end().getArn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${aws_lb.front_end.arn}\n port: 443\n protocol: TLS\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${aws_lb_target_group.front_end.arn}\n```\n{{% /example %}}\n{{% example %}}\n### Redirect Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"frontEndLoadBalancer\", {});\n// ...\nconst frontEndListener = new aws.lb.Listener(\"frontEndListener\", {\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\n# ...\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n load_balancer_arn=front_end_load_balancer.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[aws.lb.ListenerDefaultActionArgs(\n type=\"redirect\",\n redirect=aws.lb.ListenerDefaultActionRedirectArgs(\n port=\"443\",\n protocol=\"HTTPS\",\n status_code=\"HTTP_301\",\n ),\n )])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n // ...\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: &lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEndLoadBalancer = new LoadBalancer(\"frontEndLoadBalancer\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder() \n .loadBalancerArn(frontEndLoadBalancer.getArn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultAction.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirect.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEndLoadBalancer:\n type: aws:lb:LoadBalancer\n frontEndListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${frontEndLoadBalancer.arn}\n port: 80\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: 443\n protocol: HTTPS\n statusCode: HTTP_301\n```\n{{% /example %}}\n{{% example %}}\n### Fixed-response Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"frontEndLoadBalancer\", {});\n// ...\nconst frontEndListener = new aws.lb.Listener(\"frontEndListener\", {\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\n# ...\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n load_balancer_arn=front_end_load_balancer.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[aws.lb.ListenerDefaultActionArgs(\n type=\"fixed-response\",\n fixed_response=aws.lb.ListenerDefaultActionFixedResponseArgs(\n content_type=\"text/plain\",\n message_body=\"Fixed response content\",\n status_code=\"200\",\n ),\n )])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n // ...\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: &lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEndLoadBalancer = new LoadBalancer(\"frontEndLoadBalancer\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder() \n .loadBalancerArn(frontEndLoadBalancer.getArn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultAction.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponse.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEndLoadBalancer:\n type: aws:lb:LoadBalancer\n frontEndListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${frontEndLoadBalancer.arn}\n port: 80\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: 200\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-cognito Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"frontEndLoadBalancer\", {});\n// ...\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"frontEndTargetGroup\", {});\n// ...\nconst pool = new aws.cognito.UserPool(\"pool\", {});\n// ...\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\n// ...\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\n// ...\nconst frontEndListener = new aws.lb.Listener(\"frontEndListener\", {\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\n# ...\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\n# ...\npool = aws.cognito.UserPool(\"pool\")\n# ...\nclient = aws.cognito.UserPoolClient(\"client\")\n# ...\ndomain = aws.cognito.UserPoolDomain(\"domain\")\n# ...\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n load_balancer_arn=front_end_load_balancer.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n aws.lb.ListenerDefaultActionArgs(\n type=\"authenticate-cognito\",\n authenticate_cognito=aws.lb.ListenerDefaultActionAuthenticateCognitoArgs(\n user_pool_arn=pool.arn,\n user_pool_client_id=client.id,\n user_pool_domain=domain.domain,\n ),\n ),\n aws.lb.ListenerDefaultActionArgs(\n type=\"forward\",\n target_group_arn=front_end_target_group.arn,\n ),\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n // ...\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n // ...\n var pool = new Aws.Cognito.UserPool(\"pool\", new Aws.Cognito.UserPoolArgs\n {\n });\n // ...\n var client = new Aws.Cognito.UserPoolClient(\"client\", new Aws.Cognito.UserPoolClientArgs\n {\n });\n // ...\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\", new Aws.Cognito.UserPoolDomainArgs\n {\n });\n // ...\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: &lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEndLoadBalancer = new LoadBalancer(\"frontEndLoadBalancer\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder() \n .loadBalancerArn(frontEndLoadBalancer.getArn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultAction.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognito.builder()\n .userPoolArn(pool.getArn())\n .userPoolClientId(client.getId())\n .userPoolDomain(domain.getDomain())\n .build())\n .build(),\n ListenerDefaultAction.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.getArn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEndLoadBalancer:\n type: aws:lb:LoadBalancer\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${frontEndLoadBalancer.arn}\n port: 80\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n{{% /example %}}\n{{% example %}}\n### Authenticate-OIDC Action\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEndLoadBalancer = new aws.lb.LoadBalancer(\"frontEndLoadBalancer\", {});\n// ...\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"frontEndTargetGroup\", {});\n// ...\nconst frontEndListener = new aws.lb.Listener(\"frontEndListener\", {\n loadBalancerArn: frontEndLoadBalancer.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end_load_balancer = aws.lb.LoadBalancer(\"frontEndLoadBalancer\")\n# ...\nfront_end_target_group = aws.lb.TargetGroup(\"frontEndTargetGroup\")\n# ...\nfront_end_listener = aws.lb.Listener(\"frontEndListener\",\n load_balancer_arn=front_end_load_balancer.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n aws.lb.ListenerDefaultActionArgs(\n type=\"authenticate-oidc\",\n authenticate_oidc=aws.lb.ListenerDefaultActionAuthenticateOidcArgs(\n authorization_endpoint=\"https://example.com/authorization_endpoint\",\n client_id=\"client_id\",\n client_secret=\"client_secret\",\n issuer=\"https://example.com\",\n token_endpoint=\"https://example.com/token_endpoint\",\n user_info_endpoint=\"https://example.com/user_info_endpoint\",\n ),\n ),\n aws.lb.ListenerDefaultActionArgs(\n type=\"forward\",\n target_group_arn=front_end_target_group.arn,\n ),\n ])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var frontEndLoadBalancer = new Aws.LB.LoadBalancer(\"frontEndLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n });\n // ...\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"frontEndTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n });\n // ...\n var frontEndListener = new Aws.LB.Listener(\"frontEndListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = frontEndLoadBalancer.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, \"frontEndLoadBalancer\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"frontEndTargetGroup\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"frontEndListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEndLoadBalancer.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: &lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEndLoadBalancer = new LoadBalancer(\"frontEndLoadBalancer\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder() \n .loadBalancerArn(frontEndLoadBalancer.getArn())\n .port(\"80\")\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultAction.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidc.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultAction.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.getArn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEndLoadBalancer:\n type: aws:lb:LoadBalancer\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n frontEndListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${frontEndLoadBalancer.arn}\n port: 80\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n{{% /example %}}\n{{% example %}}\n### Gateway Load Balancer Listener\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLoadBalancer = new aws.lb.LoadBalancer(\"exampleLoadBalancer\", {\n loadBalancerType: \"gateway\",\n subnetMappings: [{\n subnetId: aws_subnet.example.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"exampleTargetGroup\", {\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: aws_vpc.example.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"exampleListener\", {\n loadBalancerArn: exampleLoadBalancer.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_load_balancer = aws.lb.LoadBalancer(\"exampleLoadBalancer\",\n load_balancer_type=\"gateway\",\n subnet_mappings=[aws.lb.LoadBalancerSubnetMappingArgs(\n subnet_id=aws_subnet[\"example\"][\"id\"],\n )])\nexample_target_group = aws.lb.TargetGroup(\"exampleTargetGroup\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=aws_vpc[\"example\"][\"id\"],\n health_check=aws.lb.TargetGroupHealthCheckArgs(\n port=\"80\",\n protocol=\"HTTP\",\n ))\nexample_listener = aws.lb.Listener(\"exampleListener\",\n load_balancer_arn=example_load_balancer.id,\n default_actions=[aws.lb.ListenerDefaultActionArgs(\n target_group_arn=example_target_group.id,\n type=\"forward\",\n )])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var exampleLoadBalancer = new Aws.LB.LoadBalancer(\"exampleLoadBalancer\", new Aws.LB.LoadBalancerArgs\n {\n LoadBalancerType = \"gateway\",\n SubnetMappings = \n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = aws_subnet.Example.Id,\n },\n },\n });\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"exampleTargetGroup\", new Aws.LB.TargetGroupArgs\n {\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = aws_vpc.Example.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n var exampleListener = new Aws.LB.Listener(\"exampleListener\", new Aws.LB.ListenerArgs\n {\n LoadBalancerArn = exampleLoadBalancer.Id,\n DefaultActions = \n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLoadBalancer, err := lb.NewLoadBalancer(ctx, \"exampleLoadBalancer\", &lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t&lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(aws_subnet.Example.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"exampleTargetGroup\", &lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(aws_vpc.Example.Id),\n\t\t\tHealthCheck: &lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"exampleListener\", &lb.ListenerArgs{\n\t\t\tLoadBalancerArn: exampleLoadBalancer.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t&lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLoadBalancer = new LoadBalancer(\"exampleLoadBalancer\", LoadBalancerArgs.builder() \n .loadBalancerType(\"gateway\")\n .subnetMappings(LoadBalancerSubnetMapping.builder()\n .subnetId(aws_subnet.getExample().getId())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder() \n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(aws_vpc.getExample().getId())\n .healthCheck(TargetGroupHealthCheck.builder()\n .port(80)\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder() \n .loadBalancerArn(exampleLoadBalancer.getId())\n .defaultActions(ListenerDefaultAction.builder()\n .targetGroupArn(exampleTargetGroup.getId())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLoadBalancer:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n subnetMappings:\n - subnetId: ${aws_subnet.example.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n properties:\n port: 6081\n protocol: GENEVE\n vpcId: ${aws_vpc.example.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${exampleLoadBalancer.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nListeners can be imported using their ARN, e.g.,\n\n```sh\n $ pulumi import aws:lb/listener:Listener front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n```\n\n ",
"properties": {
"alpnPolicy": {
"type": "string",
"description": "Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if `protocol` is `TLS`. Valid values are `HTTP1Only`, `HTTP2Only`, `HTTP2Optional`, `HTTP2Preferred`, and `None`.\n"
},
"certificateArn": {
"type": "string",
"description": "ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the `aws.lb.ListenerCertificate` resource.\n"
},
"defaultActions": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/ListenerDefaultAction:ListenerDefaultAction"
},
"description": "Configuration block for default actions. Detailed below.\n"
},
"port": {
"type": "integer",
"description": "Port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`.\n"
},
"protocol": {
"type": "string",
"description": "Protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`.\n"
},
"sslPolicy": {
"type": "string",
"description": "Name of the SSL Policy for the listener. Required if `protocol` is `HTTPS` or `TLS`.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"type": "object"
},
"awsx:lb:TargetGroup": {
"description": "Provides a Target Group resource for use with Load Balancer resources.\n\n> **Note:** `aws.alb.TargetGroup` is known as `aws.lb.TargetGroup`. The functionality is identical.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Instance Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst test = new aws.lb.TargetGroup(\"test\", {\n port: 80,\n protocol: \"HTTP\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\ntest = aws.lb.TargetGroup(\"test\",\n port=80,\n protocol=\"HTTP\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var test = new Aws.LB.TargetGroup(\"test\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", &ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"test\", &lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder() \n .port(80)\n .protocol(\"HTTP\")\n .vpcId(main.getId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroup\n properties:\n port: 80\n protocol: HTTP\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n{{% /example %}}\n{{% example %}}\n### IP Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\nconst ip_example = new aws.lb.TargetGroup(\"ip-example\", {\n port: 80,\n protocol: \"HTTP\",\n targetType: \"ip\",\n vpcId: main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\nip_example = aws.lb.TargetGroup(\"ip-example\",\n port=80,\n protocol=\"HTTP\",\n target_type=\"ip\",\n vpc_id=main.id)\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var main = new Aws.Ec2.Vpc(\"main\", new Aws.Ec2.VpcArgs\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n var ip_example = new Aws.LB.TargetGroup(\"ip-example\", new Aws.LB.TargetGroupArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n TargetType = \"ip\",\n VpcId = main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := ec2.NewVpc(ctx, \"main\", &ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroup(ctx, \"ip-example\", &lb.TargetGroupArgs{\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tTargetType: pulumi.String(\"ip\"),\n\t\t\tVpcId: main.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var ip_example = new TargetGroup(\"ip-example\", TargetGroupArgs.builder() \n .port(80)\n .protocol(\"HTTP\")\n .targetType(\"ip\")\n .vpcId(main.getId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ip-example:\n type: aws:lb:TargetGroup\n properties:\n port: 80\n protocol: HTTP\n targetType: ip\n vpcId: ${main.id}\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n{{% /example %}}\n{{% example %}}\n### Lambda Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"lambda\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\", target_type=\"lambda\")\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"lambda\",\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"lambda-example\", &lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambda_example = new TargetGroup(\"lambda-example\", TargetGroupArgs.builder() \n .targetType(\"lambda\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambda-example:\n type: aws:lb:TargetGroup\n properties:\n targetType: lambda\n```\n{{% /example %}}\n{{% example %}}\n### ALB Target Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lambda_example = new aws.lb.TargetGroup(\"lambda-example\", {\n targetType: \"alb\",\n port: 80,\n protocol: \"TCP\",\n vpcId: aws_vpc.main.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlambda_example = aws.lb.TargetGroup(\"lambda-example\",\n target_type=\"alb\",\n port=80,\n protocol=\"TCP\",\n vpc_id=aws_vpc[\"main\"][\"id\"])\n```\n```csharp\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nclass MyStack : Stack\n{\n public MyStack()\n {\n var lambda_example = new Aws.LB.TargetGroup(\"lambda-example\", new Aws.LB.TargetGroupArgs\n {\n TargetType = \"alb\",\n Port = 80,\n Protocol = \"TCP\",\n VpcId = aws_vpc.Main.Id,\n });\n }\n\n}\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewTargetGroup(ctx, \"lambda-example\", &lb.TargetGroupArgs{\n\t\t\tTargetType: pulumi.String(\"alb\"),\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tVpcId: pulumi.Any(aws_vpc.Main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport java.util.*;\nimport java.io.*;\nimport java.nio.*;\nimport com.pulumi.*;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lambda_example = new TargetGroup(\"lambda-example\", TargetGroupArgs.builder() \n .targetType(\"alb\")\n .port(80)\n .protocol(\"TCP\")\n .vpcId(aws_vpc.getMain().getId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lambda-example:\n type: aws:lb:TargetGroup\n properties:\n targetType: alb\n port: 80\n protocol: TCP\n vpcId: ${aws_vpc.main.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTarget Groups can be imported using their ARN, e.g.,\n\n```sh\n $ pulumi import aws:lb/targetGroup:TargetGroup app_front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:targetgroup/app-front-end/20cfe21448b66314\n```\n\n ",
"properties": {
"connectionTermination": {
"type": "boolean",
"description": "Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#deregistration-delay) for more information. Default is `false`.\n"
},
"deregistrationDelay": {
"type": "integer",
"description": "Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.\n"
},
"healthCheck": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/TargetGroupHealthCheck:TargetGroupHealthCheck",
"description": "Health Check configuration block. Detailed below.\n"
},
"lambdaMultiValueHeadersEnabled": {
"type": "boolean",
"description": "Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when `target_type` is `lambda`. Default is `false`.\n"
},
"loadBalancingAlgorithmType": {
"type": "string",
"description": "Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is `round_robin` or `least_outstanding_requests`. The default is `round_robin`.\n"
},
"name": {
"type": "string",
"description": "Name of the target group. If omitted, this provider will assign a random, unique name.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`. Cannot be longer than 6 characters.\n"
},
"port": {
"type": "integer",
"description": "Port to use to connect with the target. Valid values are either ports 1-65535, or `traffic-port`. Defaults to `traffic-port`.\n"
},
"preserveClientIp": {
"type": "string",
"description": "Whether client IP preservation is enabled. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation) for more information.\n"
},
"protocol": {
"type": "string",
"description": "Protocol to use to connect with the target. Defaults to `HTTP`. Not applicable when `target_type` is `lambda`.\n"
},
"protocolVersion": {
"type": "string",
"description": "Only applicable when `protocol` is `HTTP` or `HTTPS`. The protocol version. Specify GRPC to send requests to targets using gRPC. Specify HTTP2 to send requests to targets using HTTP/2. The default is HTTP1, which sends requests to targets using HTTP/1.1\n"
},
"proxyProtocolV2": {
"type": "boolean",
"description": "Whether to enable support for proxy protocol v2 on Network Load Balancers. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol) for more information. Default is `false`.\n"
},
"slowStart": {
"type": "integer",
"description": "Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.\n"
},
"stickiness": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/TargetGroupStickiness:TargetGroupStickiness",
"description": "Stickiness configuration block. Detailed below.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"targetType": {
"type": "string",
"description": "Type of target that you must specify when registering targets with this target group. See [doc](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html) for supported values. The default is `instance`.\n"
},
"vpcId": {
"type": "string",
"description": "Identifier of the VPC in which to create the target group. Required when `target_type` is `instance`, `ip` or `alb`. Does not apply when `target_type` is `lambda`.\n"
}
},
"type": "object"
}
},
"provider": {},
"resources": {
"awsx:cloudtrail:Trail": {
"properties": {
"bucket": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:s3%2Fbucket:Bucket",
"description": "The managed S3 Bucket where the Trail will place its logs."
},
"logGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:cloudwatch%2FlogGroup:LogGroup",
"description": "The managed Cloudwatch Log Group."
},
"trail": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:cloudtrail%2Ftrail:Trail",
"description": "The CloudTrail Trail.",
"language": {
"csharp": {
"name": "AwsTrail"
}
}
}
},
"required": [
"trail"
],
"inputProperties": {
"advancedEventSelectors": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:cloudtrail/TrailAdvancedEventSelector:TrailAdvancedEventSelector"
},
"description": "Specifies an advanced event selector for enabling data event logging. Fields documented below. Conflicts with `event_selector`.\n"
},
"cloudWatchLogsGroup": {
"$ref": "#/types/awsx:awsx:OptionalLogGroup",
"plain": true,
"description": "Log group to which CloudTrail logs will be delivered."
},
"enableLogFileValidation": {
"type": "boolean",
"description": "Whether log file integrity validation is enabled. Defaults to `false`.\n"
},
"enableLogging": {
"type": "boolean",
"description": "Enables logging for the trail. Defaults to `true`. Setting this to `false` will pause logging.\n"
},
"eventSelectors": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:cloudtrail/TrailEventSelector:TrailEventSelector"
},
"description": "Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these. Conflicts with `advanced_event_selector`.\n"
},
"includeGlobalServiceEvents": {
"type": "boolean",
"description": "Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`.\n"
},
"insightSelectors": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:cloudtrail/TrailInsightSelector:TrailInsightSelector"
},
"description": "Configuration block for identifying unusual operational activity. See details below.\n"
},
"isMultiRegionTrail": {
"type": "boolean",
"description": "Whether the trail is created in the current region or in all regions. Defaults to `false`.\n"
},
"isOrganizationTrail": {
"type": "boolean",
"description": "Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.\n"
},
"kmsKeyId": {
"type": "string",
"description": "KMS key ARN to use to encrypt the logs delivered by CloudTrail.\n"
},
"name": {
"type": "string",
"description": "Specifies the name of the advanced event selector.\n"
},
"s3Bucket": {
"$ref": "#/types/awsx:awsx:RequiredBucket",
"plain": true,
"description": "S3 bucket designated for publishing log files."
},
"s3KeyPrefix": {
"type": "string",
"description": "S3 key prefix that follows the name of the bucket you have designated for log file delivery.\n"
},
"snsTopicName": {
"type": "string",
"description": "Name of the Amazon SNS topic defined for notification of log file delivery.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Map of tags to assign to the trail. If configured with provider defaultTags present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"isComponent": true
},
"awsx:ec2:DefaultVpc": {
"description": "Pseudo resource representing the default VPC and associated subnets for an account and region. This does not create any resources. This will be replaced with `getDefaultVpc` in the future.",
"properties": {
"privateSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"publicSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"vpcId": {
"type": "string",
"description": "The VPC ID for the default VPC"
}
},
"required": [
"vpcId",
"publicSubnetIds",
"privateSubnetIds"
],
"isComponent": true
},
"awsx:ec2:Vpc": {
"properties": {
"eips": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2feip:Eip"
},
"description": "The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list."
},
"internetGateway": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2finternetGateway:InternetGateway",
"description": "The Internet Gateway for the VPC."
},
"isolatedSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"natGateways": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fnatGateway:NatGateway"
},
"description": "The NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list."
},
"privateSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"publicSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"routeTableAssociations": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2frouteTableAssociation:RouteTableAssociation"
},
"description": "The Route Table Associations for the VPC."
},
"routeTables": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2frouteTable:RouteTable"
},
"description": "The Route Tables for the VPC."
},
"routes": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2froute:Route"
},
"description": "The Routes for the VPC."
},
"subnets": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fsubnet:Subnet"
},
"description": "The VPC's subnets."
},
"vpc": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fvpc:Vpc",
"description": "The VPC.",
"language": {
"csharp": {
"name": "AwsVpc"
}
}
},
"vpcEndpoints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fvpcEndpoint:VpcEndpoint"
},
"description": "The VPC Endpoints that are enabled"
},
"vpcId": {
"type": "string"
}
},
"required": [
"vpc",
"subnets",
"routeTables",
"routeTableAssociations",
"routes",
"internetGateway",
"natGateways",
"eips",
"publicSubnetIds",
"privateSubnetIds",
"isolatedSubnetIds",
"vpcId",
"vpcEndpoints"
],
"inputProperties": {
"assignGeneratedIpv6CidrBlock": {
"type": "boolean",
"description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is `false`. Conflicts with `ipv6_ipam_pool_id`\n"
},
"availabilityZoneNames": {
"type": "array",
"items": {
"type": "string",
"plain": true
},
"plain": true,
"description": "A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region."
},
"cidrBlock": {
"type": "string",
"plain": true,
"description": "The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16."
},
"enableClassiclink": {
"type": "boolean",
"description": "A boolean flag to enable/disable ClassicLink\nfor the VPC. Only valid in regions and accounts that support EC2 Classic.\nSee the [ClassicLink documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) for more information. Defaults false.\n"
},
"enableClassiclinkDnsSupport": {
"type": "boolean",
"description": "A boolean flag to enable/disable ClassicLink DNS Support for the VPC.\nOnly valid in regions and accounts that support EC2 Classic.\n"
},
"enableDnsHostnames": {
"type": "boolean",
"description": "A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.\n"
},
"enableDnsSupport": {
"type": "boolean",
"description": "A boolean flag to enable/disable DNS support in the VPC. Defaults true.\n"
},
"instanceTenancy": {
"type": "string",
"description": "A tenancy option for instances launched into the VPC. Default is `default`, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is `dedicated`, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.\n"
},
"ipv4IpamPoolId": {
"type": "string",
"description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.\n"
},
"ipv4NetmaskLength": {
"type": "integer",
"description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a `ipv4_ipam_pool_id`.\n"
},
"ipv6CidrBlock": {
"type": "string",
"description": "IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using `ipv6_netmask_length`.\n"
},
"ipv6CidrBlockNetworkBorderGroup": {
"type": "string",
"description": "By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.\n"
},
"ipv6IpamPoolId": {
"type": "string",
"description": "IPAM Pool ID for a IPv6 pool. Conflicts with `assign_generated_ipv6_cidr_block`.\n"
},
"ipv6NetmaskLength": {
"type": "integer",
"description": "Netmask length to request from IPAM Pool. Conflicts with `ipv6_cidr_block`. This can be omitted if IPAM pool as a `allocation_default_netmask_length` set. Valid values: `56`.\n"
},
"natGateways": {
"$ref": "#/types/awsx:ec2:NatGatewayConfiguration",
"plain": true,
"description": "Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created."
},
"numberOfAvailabilityZones": {
"type": "integer",
"plain": true,
"description": "A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region."
},
"subnetSpecs": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ec2:SubnetSpec",
"plain": true
},
"plain": true,
"description": "A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC."
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"vpcEndpointSpecs": {
"type": "array",
"items": {
"$ref": "#/types/awsx:ec2:VpcEndpointSpec",
"plain": true
},
"plain": true,
"description": "A list of VPC Endpoints specs to be deployed as part of the VPC"
}
},
"isComponent": true
},
"awsx:ecr:Image": {
"description": "Builds a docker image and pushes to the ECR repository",
"properties": {
"imageUri": {
"type": "string",
"description": "Unique identifier of the pushed image"
}
},
"type": "object",
"required": [
"imageUri"
],
"inputProperties": {
"args": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "An optional map of named build-time argument variables to set during the Docker build. This flag allows you to pass built-time variables that can be accessed like environment variables inside the `RUN` instruction."
},
"cacheFrom": {
"type": "array",
"items": {
"type": "string"
},
"description": "Images to consider as cache sources"
},
"dockerfile": {
"type": "string",
"description": "dockerfile may be used to override the default Dockerfile name and/or location. By default, it is assumed to be a file named Dockerfile in the root of the build context."
},
"env": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Environment variables to set on the invocation of `docker build`, for example to support `DOCKER_BUILDKIT=1 docker build`."
},
"extraOptions": {
"type": "array",
"items": {
"type": "string"
},
"description": "An optional catch-all list of arguments to provide extra CLI options to the docker build command. For example `['--network', 'host']`."
},
"path": {
"type": "string",
"description": "Path to a directory to use for the Docker build context, usually the directory in which the Dockerfile resides (although dockerfile may be used to choose a custom location independent of this choice). If not specified, the context defaults to the current working directory; if a relative path is used, it is relative to the current working directory that Pulumi is evaluating."
},
"repositoryUrl": {
"type": "string",
"description": "Url of the repository"
},
"target": {
"type": "string",
"description": "The target of the dockerfile to build"
}
},
"requiredInputs": [
"repositoryUrl"
],
"isComponent": true
},
"awsx:ecr:Repository": {
"description": "A [Repository] represents an [aws.ecr.Repository] along with an associated [LifecyclePolicy] controlling how images are retained in the repo. \n\nDocker images can be built and pushed to the repo using the [buildAndPushImage] method. This will call into the `@pulumi/docker/buildAndPushImage` function using this repo as the appropriate destination registry.",
"properties": {
"lifecyclePolicy": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecr%2flifecyclePolicy:LifecyclePolicy",
"description": "Underlying repository lifecycle policy"
},
"repository": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecr%2frepository:Repository",
"description": "Underlying Repository resource",
"language": {
"csharp": {
"name": "AwsRepository"
}
}
},
"url": {
"type": "string",
"description": "The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName).\n"
}
},
"type": "object",
"required": [
"repository",
"url"
],
"inputProperties": {
"encryptionConfigurations": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecr/RepositoryEncryptionConfiguration:RepositoryEncryptionConfiguration"
},
"description": "Encryption configuration for the repository. See below for schema.\n"
},
"imageScanningConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecr/RepositoryImageScanningConfiguration:RepositoryImageScanningConfiguration",
"description": "Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the [ECR User Guide](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) for more information about image scanning.\n"
},
"imageTagMutability": {
"type": "string",
"description": "The tag mutability setting for the repository. Must be one of: `MUTABLE` or `IMMUTABLE`. Defaults to `MUTABLE`.\n"
},
"lifecyclePolicy": {
"$ref": "#/types/awsx:ecr:lifecyclePolicy",
"plain": true,
"description": "A lifecycle policy consists of one or more rules that determine which images in a repository should be expired. If not provided, this will default to untagged images expiring after 1 day."
},
"name": {
"type": "string",
"description": "Name of the repository.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"isComponent": true
},
"awsx:ecs:EC2Service": {
"description": "Create an ECS Service resource for EC2 with the given unique name, arguments, and options.\nCreates Task definition if `taskDefinitionArgs` is specified.",
"properties": {
"service": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2fservice:Service",
"description": "Underlying ECS Service resource"
},
"taskDefinition": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2FtaskDefinition:TaskDefinition",
"description": "Underlying EC2 Task definition component resource if created from args"
}
},
"required": [
"service"
],
"inputProperties": {
"cluster": {
"type": "string",
"description": "ARN of an ECS cluster.\n"
},
"continueBeforeSteadyState": {
"type": "boolean",
"description": "If `true`, this provider will not wait for the service to reach a steady state (like [`aws ecs wait services-stable`](https://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) before continuing. Default `false`."
},
"deploymentCircuitBreaker": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker",
"description": "Configuration block for deployment circuit breaker. See below.\n"
},
"deploymentController": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController",
"description": "Configuration block for deployment controller configuration. See below.\n"
},
"deploymentMaximumPercent": {
"type": "integer",
"description": "Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n"
},
"deploymentMinimumHealthyPercent": {
"type": "integer",
"description": "Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n"
},
"desiredCount": {
"type": "integer",
"description": "Number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n"
},
"enableEcsManagedTags": {
"type": "boolean",
"description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n"
},
"enableExecuteCommand": {
"type": "boolean",
"description": "Specifies whether to enable Amazon ECS Exec for the tasks within the service.\n"
},
"forceNewDeployment": {
"type": "boolean",
"description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g., `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n"
},
"healthCheckGracePeriodSeconds": {
"type": "integer",
"description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n"
},
"iamRole": {
"type": "string",
"description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n"
},
"loadBalancers": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer"
},
"description": "Configuration block for load balancers. See below.\n"
},
"name": {
"type": "string",
"description": "Name of the service (up to 255 letters, numbers, hyphens, and underscores)\n"
},
"networkConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration",
"description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n"
},
"orderedPlacementStrategies": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceOrderedPlacementStrategy:ServiceOrderedPlacementStrategy"
},
"description": "Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. The maximum number of `ordered_placement_strategy` blocks is `5`. See below.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint"
},
"description": "Rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. See below.\n"
},
"platformVersion": {
"type": "string",
"description": "Platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n"
},
"propagateTags": {
"type": "string",
"description": "Specifies whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n"
},
"schedulingStrategy": {
"type": "string",
"description": "Scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n"
},
"serviceRegistries": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries",
"description": "Service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. See below.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"taskDefinition": {
"type": "string",
"description": "Family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Either [taskDefinition] or [taskDefinitionArgs] must be provided."
},
"taskDefinitionArgs": {
"$ref": "#/types/awsx:ecs:EC2ServiceTaskDefinition",
"plain": true,
"description": "The args of task definition that you want to run in your service. Either [taskDefinition] or [taskDefinitionArgs] must be provided."
}
},
"requiredInputs": [
"networkConfiguration"
],
"isComponent": true
},
"awsx:ecs:EC2TaskDefinition": {
"description": "Create a TaskDefinition resource with the given unique name, arguments, and options.\nCreates required log-group and task & execution roles.\nPresents required Service load balancers if target group included in port mappings.",
"properties": {
"executionRole": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:iam%2Frole:Role",
"description": "Auto-created IAM task execution role that the Amazon ECS container agent and the Docker daemon can assume."
},
"loadBalancers": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs%2FServiceLoadBalancer:ServiceLoadBalancer"
},
"description": "Computed load balancers from target groups specified of container port mappings."
},
"logGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:cloudwatch%2FlogGroup:LogGroup",
"description": "Auto-created Log Group resource for use by containers."
},
"taskDefinition": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2FtaskDefinition:TaskDefinition",
"description": "Underlying ECS Task Definition resource"
},
"taskRole": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:iam%2Frole:Role",
"description": "Auto-created IAM role that allows your Amazon ECS container task to make calls to other AWS services."
}
},
"required": [
"taskDefinition",
"loadBalancers"
],
"inputProperties": {
"container": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true,
"description": "Single container to make a TaskDefinition from. Useful for simple cases where there aren't\nmultiple containers, especially when creating a TaskDefinition to call [run] on.\n\nEither [container] or [containers] must be provided."
},
"containers": {
"type": "object",
"additionalProperties": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true
},
"plain": true,
"description": "All the containers to make a TaskDefinition from. Useful when creating a Service that will\ncontain many containers within.\n\nEither [container] or [containers] must be provided."
},
"cpu": {
"type": "string",
"description": "The number of cpu units used by the task. If not provided, a default will be computed based on the cumulative needs specified by [containerDefinitions]"
},
"ephemeralStorage": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage",
"description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n"
},
"executionRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "The execution role that the Amazon ECS container agent and the Docker daemon can assume.\nWill be created automatically if not defined."
},
"family": {
"type": "string",
"description": "An optional unique name for your task definition. If not specified, then a default will be created."
},
"inferenceAccelerators": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator"
},
"description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n"
},
"ipcMode": {
"type": "string",
"description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n"
},
"logGroup": {
"$ref": "#/types/awsx:awsx:DefaultLogGroup",
"plain": true,
"description": "A set of volume blocks that containers in your task may use."
},
"memory": {
"type": "string",
"description": "The amount (in MiB) of memory used by the task. If not provided, a default will be computed\nbased on the cumulative needs specified by [containerDefinitions]"
},
"networkMode": {
"type": "string",
"description": "Docker networking mode to use for the containers in the task. Valid values are `none`, `bridge`, `awsvpc`, and `host`.\n"
},
"pidMode": {
"type": "string",
"description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint"
},
"description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n"
},
"proxyConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration",
"description": "Configuration block for the App Mesh proxy. Detailed below.\n"
},
"runtimePlatform": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform",
"description": "Configuration block for runtime_platform that containers in your task may use.\n"
},
"skipDestroy": {
"type": "boolean"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags.\n"
},
"taskRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "IAM role that allows your Amazon ECS container task to make calls to other AWS services.\nWill be created automatically if not defined."
},
"volumes": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume"
},
"description": "Configuration block for volumes that containers in your task may use. Detailed below.\n"
}
},
"isComponent": true
},
"awsx:ecs:FargateService": {
"description": "Create an ECS Service resource for Fargate with the given unique name, arguments, and options.\nCreates Task definition if `taskDefinitionArgs` is specified.",
"properties": {
"service": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2fservice:Service",
"description": "Underlying ECS Service resource"
},
"taskDefinition": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2FtaskDefinition:TaskDefinition",
"description": "Underlying Fargate component resource if created from args"
}
},
"required": [
"service"
],
"inputProperties": {
"cluster": {
"type": "string",
"description": "ARN of an ECS cluster.\n"
},
"continueBeforeSteadyState": {
"type": "boolean",
"description": "If `true`, this provider will not wait for the service to reach a steady state (like [`aws ecs wait services-stable`](https://docs.aws.amazon.com/cli/latest/reference/ecs/wait/services-stable.html)) before continuing. Default `false`."
},
"deploymentCircuitBreaker": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceDeploymentCircuitBreaker:ServiceDeploymentCircuitBreaker",
"description": "Configuration block for deployment circuit breaker. See below.\n"
},
"deploymentController": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceDeploymentController:ServiceDeploymentController",
"description": "Configuration block for deployment controller configuration. See below.\n"
},
"deploymentMaximumPercent": {
"type": "integer",
"description": "Upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the `DAEMON` scheduling strategy.\n"
},
"deploymentMinimumHealthyPercent": {
"type": "integer",
"description": "Lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment.\n"
},
"desiredCount": {
"type": "integer",
"description": "Number of instances of the task definition to place and keep running. Defaults to 0. Do not specify if using the `DAEMON` scheduling strategy.\n"
},
"enableEcsManagedTags": {
"type": "boolean",
"description": "Specifies whether to enable Amazon ECS managed tags for the tasks within the service.\n"
},
"enableExecuteCommand": {
"type": "boolean",
"description": "Specifies whether to enable Amazon ECS Exec for the tasks within the service.\n"
},
"forceNewDeployment": {
"type": "boolean",
"description": "Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g., `myimage:latest`), roll Fargate tasks onto a newer platform version, or immediately deploy `ordered_placement_strategy` and `placement_constraints` updates.\n"
},
"healthCheckGracePeriodSeconds": {
"type": "integer",
"description": "Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 2147483647. Only valid for services configured to use load balancers.\n"
},
"iamRole": {
"type": "string",
"description": "ARN of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is required if you are using a load balancer with your service, but only if your task definition does not use the `awsvpc` network mode. If using `awsvpc` network mode, do not specify this role. If your account has already created the Amazon ECS service-linked role, that role is used by default for your service unless you specify a role here.\n"
},
"loadBalancers": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceLoadBalancer:ServiceLoadBalancer"
},
"description": "Configuration block for load balancers. See below.\n"
},
"name": {
"type": "string",
"description": "Name of the service (up to 255 letters, numbers, hyphens, and underscores)\n"
},
"networkConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceNetworkConfiguration:ServiceNetworkConfiguration",
"description": "Network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own Elastic Network Interface, and it is not supported for other network modes. See below.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServicePlacementConstraint:ServicePlacementConstraint"
},
"description": "Rules that are taken into consideration during task placement. Updates to this configuration will take effect next task deployment unless `force_new_deployment` is enabled. Maximum number of `placement_constraints` is `10`. See below.\n"
},
"platformVersion": {
"type": "string",
"description": "Platform version on which to run your service. Only applicable for `launch_type` set to `FARGATE`. Defaults to `LATEST`. More information about Fargate platform versions can be found in the [AWS ECS User Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html).\n"
},
"propagateTags": {
"type": "string",
"description": "Specifies whether to propagate the tags from the task definition or the service to the tasks. The valid values are `SERVICE` and `TASK_DEFINITION`.\n"
},
"schedulingStrategy": {
"type": "string",
"description": "Scheduling strategy to use for the service. The valid values are `REPLICA` and `DAEMON`. Defaults to `REPLICA`. Note that [*Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy*](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html).\n"
},
"serviceRegistries": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/ServiceServiceRegistries:ServiceServiceRegistries",
"description": "Service discovery registries for the service. The maximum number of `service_registries` blocks is `1`. See below.\n"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
},
"taskDefinition": {
"type": "string",
"description": "Family and revision (`family:revision`) or full ARN of the task definition that you want to run in your service. Either [taskDefinition] or [taskDefinitionArgs] must be provided."
},
"taskDefinitionArgs": {
"$ref": "#/types/awsx:ecs:FargateServiceTaskDefinition",
"plain": true,
"description": "The args of task definition that you want to run in your service. Either [taskDefinition] or [taskDefinitionArgs] must be provided."
}
},
"isComponent": true
},
"awsx:ecs:FargateTaskDefinition": {
"description": "Create a TaskDefinition resource with the given unique name, arguments, and options.\nCreates required log-group and task & execution roles.\nPresents required Service load balancers if target group included in port mappings.",
"properties": {
"executionRole": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:iam%2Frole:Role",
"description": "Auto-created IAM task execution role that the Amazon ECS container agent and the Docker daemon can assume."
},
"loadBalancers": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs%2FServiceLoadBalancer:ServiceLoadBalancer"
},
"description": "Computed load balancers from target groups specified of container port mappings."
},
"logGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:cloudwatch%2FlogGroup:LogGroup",
"description": "Auto-created Log Group resource for use by containers."
},
"taskDefinition": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ecs%2FtaskDefinition:TaskDefinition",
"description": "Underlying ECS Task Definition resource"
},
"taskRole": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:iam%2Frole:Role",
"description": "Auto-created IAM role that allows your Amazon ECS container task to make calls to other AWS services."
}
},
"required": [
"taskDefinition",
"loadBalancers"
],
"inputProperties": {
"container": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true,
"description": "Single container to make a TaskDefinition from. Useful for simple cases where there aren't\nmultiple containers, especially when creating a TaskDefinition to call [run] on.\n\nEither [container] or [containers] must be provided."
},
"containers": {
"type": "object",
"additionalProperties": {
"$ref": "#/types/awsx:ecs:TaskDefinitionContainerDefinition",
"plain": true
},
"plain": true,
"description": "All the containers to make a TaskDefinition from. Useful when creating a Service that will\ncontain many containers within.\n\nEither [container] or [containers] must be provided."
},
"cpu": {
"type": "string",
"description": "The number of cpu units used by the task. If not provided, a default will be computed based on the cumulative needs specified by [containerDefinitions]"
},
"ephemeralStorage": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionEphemeralStorage:TaskDefinitionEphemeralStorage",
"description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate. See Ephemeral Storage.\n"
},
"executionRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "The execution role that the Amazon ECS container agent and the Docker daemon can assume.\nWill be created automatically if not defined."
},
"family": {
"type": "string",
"description": "An optional unique name for your task definition. If not specified, then a default will be created."
},
"inferenceAccelerators": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionInferenceAccelerator:TaskDefinitionInferenceAccelerator"
},
"description": "Configuration block(s) with Inference Accelerators settings. Detailed below.\n"
},
"ipcMode": {
"type": "string",
"description": "IPC resource namespace to be used for the containers in the task The valid values are `host`, `task`, and `none`.\n"
},
"logGroup": {
"$ref": "#/types/awsx:awsx:DefaultLogGroup",
"plain": true,
"description": "A set of volume blocks that containers in your task may use."
},
"memory": {
"type": "string",
"description": "The amount (in MiB) of memory used by the task. If not provided, a default will be computed\nbased on the cumulative needs specified by [containerDefinitions]"
},
"pidMode": {
"type": "string",
"description": "Process namespace to use for the containers in the task. The valid values are `host` and `task`.\n"
},
"placementConstraints": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionPlacementConstraint:TaskDefinitionPlacementConstraint"
},
"description": "Configuration block for rules that are taken into consideration during task placement. Maximum number of `placement_constraints` is `10`. Detailed below.\n"
},
"proxyConfiguration": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionProxyConfiguration:TaskDefinitionProxyConfiguration",
"description": "Configuration block for the App Mesh proxy. Detailed below.\n"
},
"runtimePlatform": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionRuntimePlatform:TaskDefinitionRuntimePlatform",
"description": "Configuration block for runtime_platform that containers in your task may use.\n"
},
"skipDestroy": {
"type": "boolean"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Key-value map of resource tags.\n"
},
"taskRole": {
"$ref": "#/types/awsx:awsx:DefaultRoleWithPolicy",
"plain": true,
"description": "IAM role that allows your Amazon ECS container task to make calls to other AWS services.\nWill be created automatically if not defined."
},
"volumes": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:ecs/TaskDefinitionVolume:TaskDefinitionVolume"
},
"description": "Configuration block for volumes that containers in your task may use. Detailed below.\n"
}
},
"isComponent": true
},
"awsx:lb:ApplicationLoadBalancer": {
"description": "Provides an Application Load Balancer resource with listeners, default target group and default security group.",
"properties": {
"defaultSecurityGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fsecurityGroup:SecurityGroup",
"description": "Default security group, if auto-created"
},
"defaultTargetGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2ftargetGroup:TargetGroup",
"description": "Default target group, if auto-created"
},
"listeners": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2flistener:Listener"
},
"description": "Listeners created as part of this load balancer"
},
"loadBalancer": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2floadBalancer:LoadBalancer",
"description": "Underlying Load Balancer resource"
},
"vpcId": {
"type": "string",
"description": "Id of the VPC in which this load balancer is operating"
}
},
"type": "object",
"required": [
"loadBalancer",
"defaultTargetGroup"
],
"inputProperties": {
"accessLogs": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs",
"description": "An Access Logs block. Access Logs documented below.\n"
},
"customerOwnedIpv4Pool": {
"type": "string",
"description": "The ID of the customer owned ipv4 pool to use for this load balancer.\n"
},
"defaultSecurityGroup": {
"$ref": "#/types/awsx:awsx:DefaultSecurityGroup",
"plain": true,
"description": "Options for creating a default security group if [securityGroups] not specified."
},
"defaultTargetGroup": {
"$ref": "#/types/awsx:lb:TargetGroup",
"plain": true,
"description": "Options creating a default target group."
},
"desyncMitigationMode": {
"type": "string",
"description": "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n"
},
"dropInvalidHeaderFields": {
"type": "boolean",
"description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n"
},
"enableDeletionProtection": {
"type": "boolean",
"description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n"
},
"enableHttp2": {
"type": "boolean",
"description": "Indicates whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.\n"
},
"enableWafFailOpen": {
"type": "boolean",
"description": "Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n"
},
"idleTimeout": {
"type": "integer",
"description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n"
},
"internal": {
"type": "boolean",
"description": "If true, the LB will be internal.\n"
},
"ipAddressType": {
"type": "string",
"description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n"
},
"listener": {
"$ref": "#/types/awsx:lb:Listener",
"plain": true,
"description": "A listener to create. Only one of [listener] and [listeners] can be specified."
},
"listeners": {
"type": "array",
"items": {
"$ref": "#/types/awsx:lb:Listener",
"plain": true
},
"plain": true,
"description": "List of listeners to create. Only one of [listener] and [listeners] can be specified."
},
"name": {
"type": "string",
"description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n"
},
"securityGroups": {
"type": "array",
"items": {
"type": "string"
},
"description": "A list of security group IDs to assign to the LB. Only valid for Load Balancers of type `application`.\n"
},
"subnetIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n"
},
"subnetMappings": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping"
},
"description": "A subnet mapping block as documented below.\n"
},
"subnets": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fsubnet:Subnet"
},
"description": "A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"isComponent": true
},
"awsx:lb:NetworkLoadBalancer": {
"description": "Provides a Network Load Balancer resource with listeners and default target group.",
"properties": {
"defaultTargetGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2ftargetGroup:TargetGroup",
"description": "Default target group, if auto-created"
},
"listeners": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2flistener:Listener"
},
"description": "Listeners created as part of this load balancer"
},
"loadBalancer": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2floadBalancer:LoadBalancer",
"description": "Underlying Load Balancer resource"
},
"vpcId": {
"type": "string",
"description": "Id of the VPC in which this load balancer is operating"
}
},
"type": "object",
"required": [
"loadBalancer",
"defaultTargetGroup"
],
"inputProperties": {
"accessLogs": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/LoadBalancerAccessLogs:LoadBalancerAccessLogs",
"description": "An Access Logs block. Access Logs documented below.\n"
},
"customerOwnedIpv4Pool": {
"type": "string",
"description": "The ID of the customer owned ipv4 pool to use for this load balancer.\n"
},
"defaultTargetGroup": {
"$ref": "#/types/awsx:lb:TargetGroup",
"plain": true,
"description": "Options creating a default target group."
},
"desyncMitigationMode": {
"type": "string",
"description": "Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.\n"
},
"dropInvalidHeaderFields": {
"type": "boolean",
"description": "Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.\n"
},
"enableCrossZoneLoadBalancing": {
"type": "boolean",
"description": "If true, cross-zone load balancing of the load balancer will be enabled.\nThis is a `network` load balancer feature. Defaults to `false`.\n"
},
"enableDeletionProtection": {
"type": "boolean",
"description": "If true, deletion of the load balancer will be disabled via\nthe AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.\n"
},
"enableWafFailOpen": {
"type": "boolean",
"description": "Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.\n"
},
"idleTimeout": {
"type": "integer",
"description": "The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.\n"
},
"internal": {
"type": "boolean",
"description": "If true, the LB will be internal.\n"
},
"ipAddressType": {
"type": "string",
"description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n"
},
"listener": {
"$ref": "#/types/awsx:lb:Listener",
"plain": true,
"description": "A listener to create. Only one of [listener] and [listeners] can be specified."
},
"listeners": {
"type": "array",
"items": {
"$ref": "#/types/awsx:lb:Listener",
"plain": true
},
"plain": true,
"description": "List of listeners to create. Only one of [listener] and [listeners] can be specified."
},
"name": {
"type": "string",
"description": "The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters,\nmust contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,\nthis provider will autogenerate a name beginning with `tf-lb`.\n"
},
"namePrefix": {
"type": "string",
"description": "Creates a unique name beginning with the specified prefix. Conflicts with `name`.\n"
},
"subnetIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "A list of subnet IDs to attach to the LB. Subnets\ncannot be updated for Load Balancers of type `network`. Changing this value\nfor load balancers of type `network` will force a recreation of the resource.\n"
},
"subnetMappings": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/types/aws:lb/LoadBalancerSubnetMapping:LoadBalancerSubnetMapping"
},
"description": "A subnet mapping block as documented below.\n"
},
"subnets": {
"type": "array",
"items": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2fsubnet:Subnet"
},
"description": "A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified"
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n"
}
},
"isComponent": true
},
"awsx:lb:TargetGroupAttachment": {
"description": "Attach an EC2 instance or Lambda to a Load Balancer. This will create required permissions if attaching to a Lambda Function.",
"properties": {
"lambdaPermission": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lambda%2fpermission:Permission",
"description": "Auto-created Lambda permission, if targeting a Lambda function"
},
"targetGroupAttachment": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2ftargetGroupAttachment:TargetGroupAttachment",
"description": "Underlying Target Group Attachment resource",
"language": {
"csharp": {
"name": "Attachment"
}
}
}
},
"type": "object",
"required": [
"targetGroupAttachment"
],
"inputProperties": {
"instance": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:ec2%2finstance:Instance",
"description": "EC2 Instance to attach to the Target Group. Exactly 1 of [instance], [instanceId], [lambda] or [lambdaArn] must be provided."
},
"instanceId": {
"type": "string",
"description": "ID of an EC2 Instance to attach to the Target Group. Exactly 1 of [instance], [instanceId], [lambda] or [lambdaArn] must be provided."
},
"lambda": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lambda%2ffunction:Function",
"description": "Lambda Function to attach to the Target Group. Exactly 1 of [instance], [instanceId], [lambda] or [lambdaArn] must be provided.",
"language": {
"python": {
"name": "function"
}
}
},
"lambdaArn": {
"type": "string",
"description": "ARN of a Lambda Function to attach to the Target Group. Exactly 1 of [instance], [instanceId], [lambda] or [lambdaArn] must be provided."
},
"targetGroup": {
"$ref": "/aws/v5.4.0/schema.json#/resources/aws:lb%2ftargetGroup:TargetGroup",
"description": "Target Group to attach to. Exactly one of [targetGroup] or [targetGroupArn] must be specified."
},
"targetGroupArn": {
"type": "string",
"description": "ARN of the Target Group to attach to. Exactly one of [targetGroup] or [targetGroupArn] must be specified."
}
},
"isComponent": true
}
},
"functions": {
"awsx:ec2:getDefaultVpc": {
"description": "[NOT YET IMPLEMENTED] Get the Default VPC for a region.",
"inputs": {
"description": "Arguments for getting the default VPC"
},
"outputs": {
"description": "Outputs from the default VPC configuration",
"properties": {
"privateSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"publicSubnetIds": {
"type": "array",
"items": {
"type": "string"
}
},
"vpcId": {
"type": "string",
"description": "The VPC ID for the default VPC"
}
},
"required": [
"vpcId",
"publicSubnetIds",
"privateSubnetIds"
]
},
"deprecationMessage": "Waiting for https://github.com/pulumi/pulumi/issues/7583. Use the DefaultVpc resource until resolved."
}
},
"language": {
"csharp": {
"liftSingleValueMethodReturns": true,
"packageReferences": {
"Pulumi": "3.*",
"Pulumi.Aws": "5.*",
"Pulumi.Docker": "3.*"
}
},
"go": {
"generateResourceContainerTypes": true,
"importBasePath": "github.com/pulumi/pulumi-awsx/sdk/go/awsx",
"internalDependencies": [
"github.com/pulumi/pulumi-docker/sdk/v3/go/docker"
],
"liftSingleValueMethodReturns": true
},
"nodejs": {
"dependencies": {
"@pulumi/aws": "^5.3.0",
"@pulumi/docker": "^3.0.0",
"@pulumi/pulumi": "^3.0.0",
"mime": "^2.0.0"
},
"devDependencies": {
"@types/aws-lambda": "^8.10.23",
"@types/mime": "^2.0.0",
"@types/node": "^17.0.21",
"typescript": "^4.6.2"
}
},
"python": {
"liftSingleValueMethodReturns": true,
"readme": "Pulumi Amazon Web Services (AWS) AWSX Components.",
"requires": {
"pulumi": ">=3.0.0,<4.0.0",
"pulumi-aws": ">=5.3.0,<6.0.0",
"pulumi-docker": ">=3.0.0,<4.0.0"
},
"usesIOClasses": true
}
},
"version": "1.0.0-beta.5"
}
Reference in New Issue View Git Blame Copy Permalink