1. Packages
  2. AWS Native
  3. API Docs
  4. Provider

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

aws-native.Provider

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

    The provider type for the AWS native package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

    Create Provider Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Provider(name: string, args: ProviderArgs, opts?: CustomResourceOptions);
    @overload
    def Provider(resource_name: str,
                 args: ProviderArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Provider(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 access_key: Optional[str] = None,
                 allowed_account_ids: Optional[Sequence[str]] = None,
                 assume_role: Optional[ProviderAssumeRoleArgs] = None,
                 default_tags: Optional[ProviderDefaultTagsArgs] = None,
                 endpoints: Optional[Sequence[ProviderEndpointArgs]] = None,
                 forbidden_account_ids: Optional[Sequence[str]] = None,
                 ignore_tags: Optional[ProviderIgnoreTagsArgs] = None,
                 insecure: Optional[bool] = None,
                 max_retries: Optional[int] = None,
                 profile: Optional[str] = None,
                 region: Optional[str] = None,
                 role_arn: Optional[str] = None,
                 s3_force_path_style: Optional[bool] = None,
                 secret_key: Optional[str] = None,
                 shared_credentials_file: Optional[str] = None,
                 skip_credentials_validation: Optional[bool] = None,
                 skip_get_ec2_platforms: Optional[bool] = None,
                 skip_metadata_api_check: Optional[bool] = None,
                 skip_region_validation: Optional[bool] = None,
                 skip_requesting_account_id: Optional[bool] = None,
                 token: Optional[str] = None)
    func NewProvider(ctx *Context, name string, args ProviderArgs, opts ...ResourceOption) (*Provider, error)
    public Provider(string name, ProviderArgs args, CustomResourceOptions? opts = null)
    public Provider(String name, ProviderArgs args)
    public Provider(String name, ProviderArgs args, CustomResourceOptions options)
    
    type: pulumi:providers:aws-native
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ProviderArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ProviderArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ProviderArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Provider Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Provider resource accepts the following input properties:

    Region string
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    AccessKey string
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    AllowedAccountIds List<string>
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    AssumeRole Pulumi.AwsNative.Inputs.ProviderAssumeRole
    Configuration for retrieving temporary credentials from the STS service.
    DefaultTags Pulumi.AwsNative.Inputs.ProviderDefaultTags
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    Endpoints List<Pulumi.AwsNative.Inputs.ProviderEndpoint>
    Configuration block for customizing service endpoints.
    ForbiddenAccountIds List<string>
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    IgnoreTags Pulumi.AwsNative.Inputs.ProviderIgnoreTags
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    Insecure bool
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    MaxRetries int
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    Profile string
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    RoleArn string
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    S3ForcePathStyle bool
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    SecretKey string
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    SharedCredentialsFile string
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    SkipCredentialsValidation bool
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    SkipGetEc2Platforms bool
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    SkipMetadataApiCheck bool
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    SkipRegionValidation bool
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    SkipRequestingAccountId bool
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    Token string
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.
    Region string
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    AccessKey string
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    AllowedAccountIds []string
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    AssumeRole ProviderAssumeRoleArgs
    Configuration for retrieving temporary credentials from the STS service.
    DefaultTags ProviderDefaultTagsArgs
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    Endpoints []ProviderEndpointArgs
    Configuration block for customizing service endpoints.
    ForbiddenAccountIds []string
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    IgnoreTags ProviderIgnoreTagsArgs
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    Insecure bool
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    MaxRetries int
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    Profile string
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    RoleArn string
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    S3ForcePathStyle bool
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    SecretKey string
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    SharedCredentialsFile string
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    SkipCredentialsValidation bool
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    SkipGetEc2Platforms bool
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    SkipMetadataApiCheck bool
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    SkipRegionValidation bool
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    SkipRequestingAccountId bool
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    Token string
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.
    region String
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    accessKey String
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    allowedAccountIds List<String>
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    assumeRole ProviderAssumeRole
    Configuration for retrieving temporary credentials from the STS service.
    defaultTags ProviderDefaultTags
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    endpoints List<ProviderEndpoint>
    Configuration block for customizing service endpoints.
    forbiddenAccountIds List<String>
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    ignoreTags ProviderIgnoreTags
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    insecure Boolean
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    maxRetries Integer
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    profile String
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    roleArn String
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    s3ForcePathStyle Boolean
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    secretKey String
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    sharedCredentialsFile String
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    skipCredentialsValidation Boolean
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    skipGetEc2Platforms Boolean
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    skipMetadataApiCheck Boolean
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    skipRegionValidation Boolean
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    skipRequestingAccountId Boolean
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    token String
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.
    region Region
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    accessKey string
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    allowedAccountIds string[]
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    assumeRole ProviderAssumeRole
    Configuration for retrieving temporary credentials from the STS service.
    defaultTags ProviderDefaultTags
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    endpoints ProviderEndpoint[]
    Configuration block for customizing service endpoints.
    forbiddenAccountIds string[]
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    ignoreTags ProviderIgnoreTags
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    insecure boolean
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    maxRetries number
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    profile string
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    roleArn string
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    s3ForcePathStyle boolean
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    secretKey string
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    sharedCredentialsFile string
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    skipCredentialsValidation boolean
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    skipGetEc2Platforms boolean
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    skipMetadataApiCheck boolean
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    skipRegionValidation boolean
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    skipRequestingAccountId boolean
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    token string
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.
    region str
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    access_key str
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    allowed_account_ids Sequence[str]
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    assume_role ProviderAssumeRoleArgs
    Configuration for retrieving temporary credentials from the STS service.
    default_tags ProviderDefaultTagsArgs
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    endpoints Sequence[ProviderEndpointArgs]
    Configuration block for customizing service endpoints.
    forbidden_account_ids Sequence[str]
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    ignore_tags ProviderIgnoreTagsArgs
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    insecure bool
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    max_retries int
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    profile str
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    role_arn str
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    s3_force_path_style bool
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    secret_key str
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    shared_credentials_file str
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    skip_credentials_validation bool
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    skip_get_ec2_platforms bool
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    skip_metadata_api_check bool
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    skip_region_validation bool
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    skip_requesting_account_id bool
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    token str
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.
    region
    The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
    accessKey String
    The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
    allowedAccountIds List<String>
    List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with forbiddenAccountIds.
    assumeRole Property Map
    Configuration for retrieving temporary credentials from the STS service.
    defaultTags Property Map
    Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource tags configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the tags argument within a resource to configure new tag values for matching keys.
    endpoints List<Property Map>
    Configuration block for customizing service endpoints.
    forbiddenAccountIds List<String>
    List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with allowedAccountIds.
    ignoreTags Property Map
    Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as ec2.Tag) for situations where external systems are managing certain resource tags.
    insecure Boolean
    Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is false.
    maxRetries Number
    The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
    profile String
    The profile for API operations. If not set, the default profile created with aws configure will be used. It can also be sourced from the following environment variable: AWS_PROFILE
    roleArn String
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
    s3ForcePathStyle Boolean
    Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
    secretKey String
    The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
    sharedCredentialsFile String
    The path to the shared credentials file. If not set this defaults to ~/.aws/credentials. It can also be sourced from the following environment variable: AWS_SHARED_CREDENTIALS_FILE
    skipCredentialsValidation Boolean
    Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
    skipGetEc2Platforms Boolean
    Skip getting the supported EC2 platforms. Used by users that don't have ec2:DescribeAccountAttributes permissions.
    skipMetadataApiCheck Boolean
    Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
    skipRegionValidation Boolean
    Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
    skipRequestingAccountId Boolean
    Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
    token String
    Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Provider resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Supporting Types

    ProviderAssumeRole, ProviderAssumeRoleArgs

    DurationSeconds int
    Number of seconds to restrict the assume role session duration.
    ExternalId string
    External identifier to use when assuming the role.
    Policy string
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    PolicyArns List<string>
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    RoleArn string
    Amazon Resource Name (ARN) of the IAM Role to assume.
    SessionName string
    Session name to use when assuming the role.
    Tags Dictionary<string, string>
    Map of assume role session tags.
    TransitiveTagKeys List<string>
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
    DurationSeconds int
    Number of seconds to restrict the assume role session duration.
    ExternalId string
    External identifier to use when assuming the role.
    Policy string
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    PolicyArns []string
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    RoleArn string
    Amazon Resource Name (ARN) of the IAM Role to assume.
    SessionName string
    Session name to use when assuming the role.
    Tags map[string]string
    Map of assume role session tags.
    TransitiveTagKeys []string
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
    durationSeconds Integer
    Number of seconds to restrict the assume role session duration.
    externalId String
    External identifier to use when assuming the role.
    policy String
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    policyArns List<String>
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    roleArn String
    Amazon Resource Name (ARN) of the IAM Role to assume.
    sessionName String
    Session name to use when assuming the role.
    tags Map<String,String>
    Map of assume role session tags.
    transitiveTagKeys List<String>
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
    durationSeconds number
    Number of seconds to restrict the assume role session duration.
    externalId string
    External identifier to use when assuming the role.
    policy string
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    policyArns string[]
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    roleArn string
    Amazon Resource Name (ARN) of the IAM Role to assume.
    sessionName string
    Session name to use when assuming the role.
    tags {[key: string]: string}
    Map of assume role session tags.
    transitiveTagKeys string[]
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
    duration_seconds int
    Number of seconds to restrict the assume role session duration.
    external_id str
    External identifier to use when assuming the role.
    policy str
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    policy_arns Sequence[str]
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    role_arn str
    Amazon Resource Name (ARN) of the IAM Role to assume.
    session_name str
    Session name to use when assuming the role.
    tags Mapping[str, str]
    Map of assume role session tags.
    transitive_tag_keys Sequence[str]
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
    durationSeconds Number
    Number of seconds to restrict the assume role session duration.
    externalId String
    External identifier to use when assuming the role.
    policy String
    IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
    policyArns List<String>
    Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
    roleArn String
    Amazon Resource Name (ARN) of the IAM Role to assume.
    sessionName String
    Session name to use when assuming the role.
    tags Map<String>
    Map of assume role session tags.
    transitiveTagKeys List<String>
    A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.

    ProviderDefaultTags, ProviderDefaultTagsArgs

    Tags Dictionary<string, string>
    A group of tags to set across all resources.
    Tags map[string]string
    A group of tags to set across all resources.
    tags Map<String,String>
    A group of tags to set across all resources.
    tags {[key: string]: string}
    A group of tags to set across all resources.
    tags Mapping[str, str]
    A group of tags to set across all resources.
    tags Map<String>
    A group of tags to set across all resources.

    ProviderEndpoint, ProviderEndpointArgs

    Cloudcontrol string
    Override the default endpoint for AWS CloudControl
    Cloudformation string
    Override the default endpoint for AWS CloudFormation
    Ec2 string
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    Ssm string
    Override the default endpoint for AWS Systems Manager
    Sts string
    Override the default endpoint for AWS Security Token Service (STS)
    Cloudcontrol string
    Override the default endpoint for AWS CloudControl
    Cloudformation string
    Override the default endpoint for AWS CloudFormation
    Ec2 string
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    Ssm string
    Override the default endpoint for AWS Systems Manager
    Sts string
    Override the default endpoint for AWS Security Token Service (STS)
    cloudcontrol String
    Override the default endpoint for AWS CloudControl
    cloudformation String
    Override the default endpoint for AWS CloudFormation
    ec2 String
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    ssm String
    Override the default endpoint for AWS Systems Manager
    sts String
    Override the default endpoint for AWS Security Token Service (STS)
    cloudcontrol string
    Override the default endpoint for AWS CloudControl
    cloudformation string
    Override the default endpoint for AWS CloudFormation
    ec2 string
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    ssm string
    Override the default endpoint for AWS Systems Manager
    sts string
    Override the default endpoint for AWS Security Token Service (STS)
    cloudcontrol str
    Override the default endpoint for AWS CloudControl
    cloudformation str
    Override the default endpoint for AWS CloudFormation
    ec2 str
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    ssm str
    Override the default endpoint for AWS Systems Manager
    sts str
    Override the default endpoint for AWS Security Token Service (STS)
    cloudcontrol String
    Override the default endpoint for AWS CloudControl
    cloudformation String
    Override the default endpoint for AWS CloudFormation
    ec2 String
    Override the default endpoint for AWS Elastic Compute Cloud (EC2)
    ssm String
    Override the default endpoint for AWS Systems Manager
    sts String
    Override the default endpoint for AWS Security Token Service (STS)

    ProviderIgnoreTags, ProviderIgnoreTagsArgs

    KeyPrefixes List<string>
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    Keys List<string>
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    KeyPrefixes []string
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    Keys []string
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keyPrefixes List<String>
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keys List<String>
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keyPrefixes string[]
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keys string[]
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    key_prefixes Sequence[str]
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keys Sequence[str]
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keyPrefixes List<String>
    List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any tags attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.
    keys List<String>
    List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any tags attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the tags argument, it will display a perpetual difference until the tag is removed from the argument or ignoreChanges is also used.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi