Class VpcEndpoint
Provides a VPC Endpoint resource.
NOTE on VPC Endpoints and VPC Endpoint Associations: This provider provides both standalone VPC Endpoint Associations for Route Tables (an association between a VPC endpoint and a single route_table_id) and Subnets (an association between a VPC endpoint and a single subnet_id), and a VPC Endpoint resource with route_table_ids and subnet_ids attributes. Do not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource. Doing so will cause a conflict of associations and will overwrite the association.
Example Usage
Basic
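```csharp
using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // VPC the endpoint is created in; the CIDR block is a sample value.
        var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });

        // VpcEndpointType is not set, so this is a Gateway endpoint (the default).
        var s3 = new Aws.Ec2.VpcEndpoint("s3", new Aws.Ec2.VpcEndpointArgs
        {
            ServiceName = "com.amazonaws.us-west-2.s3",
            VpcId = main.Id,
        });
    }
}
```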
Basic w/ Tags
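```csharp
using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // VPC the endpoint is created in; the CIDR block is a sample value.
        var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });

        var s3 = new Aws.Ec2.VpcEndpoint("s3", new Aws.Ec2.VpcEndpointArgs
        {
            ServiceName = "com.amazonaws.us-west-2.s3",
            Tags =
            {
                { "Environment", "test" },
            },
            VpcId = main.Id,
        });
    }
}
```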
Interface Endpoint Type
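```csharp
using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // VPC the endpoint is created in; the CIDR block is a sample value.
        var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });

        // Security group attached to the endpoint's network interfaces.
        // Add ingress rules for HTTPS (443) from the clients that should reach it.
        var sg1 = new Aws.Ec2.SecurityGroup("sg1", new Aws.Ec2.SecurityGroupArgs
        {
            VpcId = main.Id,
        });

        var ec2 = new Aws.Ec2.VpcEndpoint("ec2", new Aws.Ec2.VpcEndpointArgs
        {
            PrivateDnsEnabled = true,
            SecurityGroupIds =
            {
                sg1.Id,
            },
            ServiceName = "com.amazonaws.us-west-2.ec2",
            VpcEndpointType = "Interface",
            VpcId = main.Id,
        });
    }
}
```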
Non-AWS Service
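```csharp
using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // Stack configuration replaces the var.* and local.* inputs of the
        // original example; the key names used here are illustrative.
        var config = new Config();
        var vpcId = config.Require("vpcId");
        var ptfeService = config.Require("ptfeService");
        var subnetIds = config.RequireObject<string[]>("subnetIds");

        // Security group attached to the endpoint's network interfaces.
        var ptfeServiceSg = new Aws.Ec2.SecurityGroup("ptfeService", new Aws.Ec2.SecurityGroupArgs
        {
            VpcId = vpcId,
        });

        var ptfeServiceVpcEndpoint = new Aws.Ec2.VpcEndpoint("ptfeServiceVpcEndpoint", new Aws.Ec2.VpcEndpointArgs
        {
            PrivateDnsEnabled = false,
            SecurityGroupIds =
            {
                ptfeServiceSg.Id,
            },
            ServiceName = ptfeService,
            SubnetIds = subnetIds,
            VpcEndpointType = "Interface",
            VpcId = vpcId,
        });

        // Look up the private hosted zone that will hold the alias record.
        var @internal = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs
        {
            Name = "vpc.internal.",
            PrivateZone = true,
            VpcId = vpcId,
        }));

        // CNAME pointing a friendly name at the endpoint's first DNS entry.
        var ptfeServiceRecord = new Aws.Route53.Record("ptfeServiceRecord", new Aws.Route53.RecordArgs
        {
            Name = @internal.Apply(zone => $"ptfe.{zone.Name}"),
            Records =
            {
                ptfeServiceVpcEndpoint.DnsEntries.Apply(dnsEntries => dnsEntries[0].DnsName),
            },
            Ttl = 300,
            Type = "CNAME",
            ZoneId = @internal.Apply(zone => zone.ZoneId),
        });
    }
}
```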
Namespace: Pulumi.Aws.Ec2
Assembly: Pulumi.Aws.dll
Syntax
public class VpcEndpoint : CustomResource
Constructors
VpcEndpoint(String, VpcEndpointArgs, CustomResourceOptions)
Create a VpcEndpoint resource with the given unique name, arguments, and options.
Declaration
public VpcEndpoint(string name, VpcEndpointArgs args, CustomResourceOptions options = null)
Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| VpcEndpointArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
AutoAccept
Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
Declaration
public Output<bool?> AutoAccept { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
CidrBlocks
The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
Declaration
public Output<ImmutableArray<string>> CidrBlocks { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
DnsEntries
The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
Declaration
public Output<ImmutableArray<VpcEndpointDnsEntry>> DnsEntries { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<VpcEndpointDnsEntry>> |
NetworkInterfaceIds
One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
Declaration
public Output<ImmutableArray<string>> NetworkInterfaceIds { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
OwnerId
The ID of the AWS account that owns the VPC endpoint.
Declaration
public Output<string> OwnerId { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Policy
A policy to attach to the endpoint that controls access to the service. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
Declaration
public Output<string> Policy { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
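
Because the policy defaults to full access, the following added example (not part of the original documentation) attaches a scoped policy to an S3 Gateway endpoint. The VPC, the route table and the bucket ARN are placeholders assumed for illustration.

```csharp
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // Assumed for this example: a VPC and one private route table.
        var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });
        var privateRt = new Aws.Ec2.RouteTable("private", new Aws.Ec2.RouteTableArgs
        {
            VpcId = main.Id,
        });
        const string bucketArn = "arn:aws:s3:::example-app-data"; // placeholder bucket

        // Endpoint policy: only object reads and writes on one bucket are
        // allowed through the endpoint; every other S3 request is denied.
        var policy = JsonSerializer.Serialize(new
        {
            Version = "2012-10-17",
            Statement = new[]
            {
                new
                {
                    Effect = "Allow",
                    Principal = "*",
                    Action = new[] { "s3:GetObject", "s3:PutObject" },
                    Resource = new[] { $"{bucketArn}/*" },
                },
            },
        });

        // The route table is associated inline through RouteTableIds, so no
        // separate VPC Endpoint Association resource is declared for it.
        var s3 = new Aws.Ec2.VpcEndpoint("s3", new Aws.Ec2.VpcEndpointArgs
        {
            VpcId = main.Id,
            ServiceName = "com.amazonaws.us-west-2.s3",
            VpcEndpointType = "Gateway",
            RouteTableIds = { privateRt.Id },
            Policy = policy,
        });
    }
}
```

An endpoint policy only limits what can be reached through this endpoint; IAM and bucket policies still apply on top of it.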
PrefixListId
The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
Declaration
public Output<string> PrefixListId { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
PrivateDnsEnabled
Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface.
Defaults to false.
Declaration
public Output<bool?> PrivateDnsEnabled { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
RequesterManaged
Whether or not the VPC Endpoint is being managed by its service - true or false.
Declaration
public Output<bool> RequesterManaged { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Boolean> |
RouteTableIds
One or more route table IDs. Applicable for endpoints of type Gateway.
Declaration
public Output<ImmutableArray<string>> RouteTableIds { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
SecurityGroupIds
The ID of one or more security groups to associate with the network interface. Required for endpoints of type Interface.
Declaration
public Output<ImmutableArray<string>> SecurityGroupIds { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
ServiceName
The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service>. The SageMaker Notebook service is an exception to this rule: its service name is in the form aws.sagemaker.<region>.notebook.
Declaration
public Output<string> ServiceName { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
State
The state of the VPC endpoint.
Declaration
public Output<string> State { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SubnetIds
The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type Interface.
Declaration
public Output<ImmutableArray<string>> SubnetIds { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
Tags
A map of tags to assign to the resource.
Declaration
public Output<ImmutableDictionary<string, object>> Tags { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.Object>> |
VpcEndpointType
The VPC endpoint type, Gateway or Interface. Defaults to Gateway.
Declaration
public Output<string> VpcEndpointType { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
VpcId
The ID of the VPC in which the endpoint will be used.
Declaration
public Output<string> VpcId { get; }
Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
Get(String, Input<String>, VpcEndpointState, CustomResourceOptions)
Get an existing VpcEndpoint resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static VpcEndpoint Get(string name, Input<string> id, VpcEndpointState state = null, CustomResourceOptions options = null)
Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to look up. |
| VpcEndpointState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| VpcEndpoint |