0
# Global Data Sources
1

2
Global utility functions for retrieving AWS account, region, service, and infrastructure information that applies across all AWS services.
3

4
## Capabilities
5

6
### Caller Identity
7

8
Retrieve information about the current AWS identity making API calls.
9

10
```typescript { .api }
11
/**
12
 * Get information about the AWS caller identity
13
 * @param args - Optional arguments (none currently supported)
14
 * @returns Promise resolving to caller identity details
15
 */
16
function getCallerIdentity(args?: GetCallerIdentityArgs): Promise<GetCallerIdentityResult>;
17
function getCallerIdentityOutput(args?: GetCallerIdentityOutputArgs): pulumi.Output<GetCallerIdentityResult>;
18

19
interface GetCallerIdentityArgs {
20
    // No arguments currently supported
21
}
22

23
interface GetCallerIdentityResult {
24
    /** AWS account ID (12-digit number) */
25
    readonly accountId: string;
26
    /** ARN of the calling identity (user, role, or federated user) */
27
    readonly arn: string;
28
    /** Internal AWS ID string */
29
    readonly id: string;
30
    /** Unique identifier of the calling identity */
31
    readonly userId: string;
32
}
33
```
34

35
**Usage Examples:**
36

37
```typescript
38
import * as aws from "@pulumi/aws";
39

40
// Get current identity
41
const identity = await aws.getCallerIdentity();
42
console.log(`Account ID: ${identity.accountId}`);
43
console.log(`User ARN: ${identity.arn}`);
44

45
// Use in resource configuration
46
const bucket = new aws.s3.Bucket("account-bucket", {
47
    bucket: `my-bucket-${identity.accountId}`
48
});
49
```
50

51
### Region Information
52

53
Retrieve information about AWS regions and availability zones.
54

55
```typescript { .api }
56
/**
57
 * Get information about the current AWS region
58
 * @param args - Optional region selection arguments
59
 * @returns Promise resolving to region details
60
 */
61
function getRegion(args?: GetRegionArgs): Promise<GetRegionResult>;
62
function getRegionOutput(args?: GetRegionOutputArgs): pulumi.Output<GetRegionResult>; 
63

64
interface GetRegionArgs {
65
    /** Specific region name to query (defaults to current region) */
66
    name?: string;
67
}
68

69
interface GetRegionResult {
70
    /** Region description */
71
    readonly description: string;
72
    /** Region endpoint URL */
73
    readonly endpoint: string; 
74
    /** Internal AWS region ID */
75
    readonly id: string;
76
    /** Region name (e.g., "us-west-2") */
77
    readonly name: string;
78
}
79

80
/**
81
 * Get list of all available AWS regions
82
 * @param args - Optional filtering arguments
83
 * @returns Promise resolving to list of regions
84
 */
85
function getRegions(args?: GetRegionsArgs): Promise<GetRegionsResult>;
86
function getRegionsOutput(args?: GetRegionsOutputArgs): pulumi.Output<GetRegionsResult>;
87

88
interface GetRegionsArgs {
89
    /** Include all regions regardless of opt-in status */
90
    allRegions?: boolean;
91
    /** Filter regions by name patterns */
92
    filters?: GetRegionsFilter[];
93
}
94

95
interface GetRegionsFilter {
96
    /** Filter name (e.g., "region-name", "opt-in-status") */
97
    name: string;
98
    /** Filter values */
99
    values: string[];
100
}
101

102
interface GetRegionsResult {
103
    /** List of region names */
104
    readonly names: string[];
105
}
106
```
107

108
### Availability Zones
109

110
Query availability zones within regions for resource placement.
111

112
```typescript { .api }
113
/**
114
 * Get information about a specific availability zone
115
 * @param args - AZ selection arguments  
116
 * @returns Promise resolving to AZ details
117
 */
118
function getAvailabilityZone(args: GetAvailabilityZoneArgs): Promise<GetAvailabilityZoneResult>;
119
function getAvailabilityZoneOutput(args: GetAvailabilityZoneOutputArgs): pulumi.Output<GetAvailabilityZoneResult>;
120

121
interface GetAvailabilityZoneArgs {
122
    /** Filter conditions for AZ selection */
123
    filters?: GetAvailabilityZoneFilter[];
124
    /** Specific AZ name to query */
125
    name?: string;
126
    /** Specific AZ ID to query */
127
    zoneId?: string;
128
}
129

130
interface GetAvailabilityZoneFilter {
131
    /** Filter name (e.g., "zone-name", "state") */
132
    name: string;
133
    /** Filter values */
134
    values: string[];
135
}
136

137
interface GetAvailabilityZoneResult {
138
    /** Group name for the AZ */
139
    readonly groupName: string;
140
    /** Internal AWS AZ ID */
141
    readonly id: string;
142
    /** AZ name (e.g., "us-west-2a") */
143
    readonly name: string;
144
    /** Network border group */
145
    readonly networkBorderGroup: string;
146
    /** AWS region name */
147
    readonly region: string;
148
    /** AZ state (available, impaired, unavailable) */
149
    readonly state: string;
150
    /** Unique AZ identifier */
151
    readonly zoneId: string;
152
}
153

154
/**
155
 * Get list of availability zones in the current region
156
 * @param args - Optional filtering arguments
157
 * @returns Promise resolving to list of AZs
158
 */
159
function getAvailabilityZones(args?: GetAvailabilityZonesArgs): Promise<GetAvailabilityZonesResult>;
160
function getAvailabilityZonesOutput(args?: GetAvailabilityZonesOutputArgs): pulumi.Output<GetAvailabilityZonesResult>;
161

162
interface GetAvailabilityZonesArgs {
163
    /** Include all AZs regardless of state */
164
    allAvailabilityZones?: boolean;
165
    /** Exclude specific AZ names */
166
    excludeNames?: string[];
167
    /** Exclude specific AZ IDs */
168
    excludeZoneIds?: string[];
169
    /** Filter conditions */
170
    filters?: GetAvailabilityZonesFilter[];
171
    /** Include only specific AZ names */
172
    names?: string[];
173
    /** Include only AZs in this state */
174
    state?: string;
175
    /** Include only specific AZ IDs */
176
    zoneIds?: string[];
177
}
178

179
interface GetAvailabilityZonesResult {
180
    /** Group names for the AZs */
181
    readonly groupNames: string[];
182
    /** Internal AWS IDs */
183
    readonly id: string;
184
    /** AZ names */
185
    readonly names: string[];
186
    /** Unique AZ identifiers */
187
    readonly zoneIds: string[];
188
}
189
```
190

191
**Usage Examples:**
192

193
```typescript
194
// Get all AZs in current region
195
const azs = await aws.getAvailabilityZones({ state: "available" });
196

197
// Create subnets across multiple AZs
198
const subnets = azs.names.map((az, index) => 
199
    new aws.ec2.Subnet(`subnet-${index}`, {
200
        vpcId: vpc.id,
201
        availabilityZone: az,
202
        cidrBlock: `10.0.${index}.0/24`
203
    })
204
);
205

206
// Get specific AZ information
207
const az = await aws.getAvailabilityZone({ name: "us-west-2a" });
208
console.log(`AZ ID: ${az.zoneId}`);
209
```
210

211
### AWS Partition and Service Information
212

213
Retrieve AWS partition and service principal information for different AWS environments.
214

215
```typescript { .api }
216
/**
217
 * Get AWS partition information
218
 * @param args - Optional partition arguments
219
 * @returns Promise resolving to partition details
220
 */
221
function getPartition(args?: GetPartitionArgs): Promise<GetPartitionResult>;
222
function getPartitionOutput(args?: GetPartitionOutputArgs): pulumi.Output<GetPartitionResult>;
223

224
interface GetPartitionArgs {
225
    // No arguments currently supported
226
}
227

228
interface GetPartitionResult {
229
    /** DNS suffix for URLs in this partition */
230
    readonly dnsSuffix: string;
231
    /** Internal partition ID */
232
    readonly id: string;
233
    /** Partition name (aws, aws-cn, aws-us-gov) */
234
    readonly partition: string;
235
    /** Reverse DNS prefix */
236
    readonly reverseDnsPrefix: string;
237
}
238

239
/**
240
 * Get service principal for AWS services  
241
 * @param args - Service specification arguments
242
 * @returns Promise resolving to service principal
243
 */
244
function getServicePrincipal(args: GetServicePrincipalArgs): Promise<GetServicePrincipalResult>;
245
function getServicePrincipalOutput(args: GetServicePrincipalOutputArgs): pulumi.Output<GetServicePrincipalResult>;
246

247
interface GetServicePrincipalArgs {
248
    /** AWS region (defaults to current region) */
249
    region?: string;
250
    /** AWS service name (e.g., "lambda", "ec2", "s3") */
251
    serviceName: string;
252
}
253

254
interface GetServicePrincipalResult {
255
    /** Internal ID */
256
    readonly id: string;
257
    /** Service principal (e.g., "lambda.amazonaws.com") */
258
    readonly name: string;
259
    /** Service suffix */
260
    readonly suffix: string;
261
}
262
```
263

264
### AWS IP Ranges
265

266
Query official AWS IP address ranges for security group and firewall configuration.
267

268
```typescript { .api }
269
/**
270
 * Get AWS IP address ranges
271
 * @param args - IP range filtering arguments
272
 * @returns Promise resolving to IP ranges
273
 */
274
function getIpRanges(args?: GetIpRangesArgs): Promise<GetIpRangesResult>;
275
function getIpRangesOutput(args?: GetIpRangesOutputArgs): pulumi.Output<GetIpRangesResult>;
276

277
interface GetIpRangesArgs {
278
    /** Filter by AWS regions */
279
    regions?: string[];
280
    /** Filter by AWS services */
281
    services?: string[];
282
    /** Include IPv6 ranges */
283
    ipv6?: boolean;
284
}
285

286
interface GetIpRangesResult {
287
    /** Publication date/time */
288
    readonly createDate: string;
289
    /** Internal ID */
290
    readonly id: string;
291
    /** IPv4 CIDR blocks */
292
    readonly cidrBlocks: string[];
293
    /** IPv6 CIDR blocks */
294
    readonly ipv6CidrBlocks: string[];
295
    /** Synchronization token */
296
    readonly syncToken: string;
297
}
298
```
299

300
### ARN Parsing
301

302
Parse and validate Amazon Resource Names (ARNs).
303

304
```typescript { .api }
305
/**
306
 * Parse and validate AWS ARNs
307
 * @param args - ARN parsing arguments
308
 * @returns Promise resolving to parsed ARN components
309
 */
310
function getArn(args: GetArnArgs): Promise<GetArnResult>;
311
function getArnOutput(args: GetArnOutputArgs): pulumi.Output<GetArnResult>;
312

313
interface GetArnArgs {
314
    /** ARN string to parse */
315
    arn: string;
316
}
317

318
interface GetArnResult {
319
    /** AWS account ID from ARN */
320
    readonly account: string;
321
    /** Internal ID */
322
    readonly id: string;
323
    /** AWS partition */
324
    readonly partition: string;
325
    /** AWS region */
326
    readonly region: string;
327
    /** Resource portion of ARN */
328
    readonly resource: string;
329
    /** AWS service */
330
    readonly service: string;
331
}
332
```
333

334
**Usage Examples:**
335

336
```typescript
337
// Parse an ARN
338
const parsed = await aws.getArn({ 
339
    arn: "arn:aws:s3:::my-bucket/file.txt" 
340
});
341
console.log(`Service: ${parsed.service}`);
342
console.log(`Resource: ${parsed.resource}`);
343

344
// Get AWS service principal
345
const lambdaPrincipal = await aws.getServicePrincipal({
346
    serviceName: "lambda"
347
});
348

349
// Use in IAM trust policy
350
const role = new aws.iam.Role("lambda-role", {
351
    assumeRolePolicy: JSON.stringify({
352
        Version: "2012-10-17",
353
        Statement: [{
354
            Action: "sts:AssumeRole",
355
            Effect: "Allow", 
356
            Principal: {
357
                Service: lambdaPrincipal.name
358
            }
359
        }]
360
    })
361
});
362
```