tessl/generic-pulumi--aws
Comprehensive Amazon Web Services (AWS) infrastructure provider for Pulumi enabling multi-language infrastructure-as-code with 225+ AWS services
—
Pending
networking.mddocs/
Networking Services
Comprehensive networking solutions including virtual private clouds (VPC), DNS management (Route53), content delivery (CloudFront), and network connectivity services.
Capabilities
VPC - Virtual Private Cloud
Virtual Private Cloud provides isolated cloud resources within the AWS cloud with complete control over networking environment.
/**
* VPC - Virtual Private Cloud
*/
class vpc.Vpc extends pulumi.CustomResource {
constructor(name: string, args?: vpc.VpcArgs, opts?: pulumi.CustomResourceOptions);
/** VPC ARN */
readonly arn: pulumi.Output<string>;
/** VPC ID */
readonly id: pulumi.Output<string>;
/** CIDR block */
readonly cidrBlock: pulumi.Output<string>;
/** Default security group ID */
readonly defaultSecurityGroupId: pulumi.Output<string>;
/** Default network ACL ID */
readonly defaultNetworkAclId: pulumi.Output<string>;
/** Default route table ID */
readonly defaultRouteTableId: pulumi.Output<string>;
/** DHCP options ID */
readonly dhcpOptionsId: pulumi.Output<string>;
/** Instance tenancy */
readonly instanceTenancy: pulumi.Output<string>;
/** IPv6 CIDR block */
readonly ipv6CidrBlock: pulumi.Output<string>;
/** Main route table ID */
readonly mainRouteTableId: pulumi.Output<string>;
/** Owner ID */
readonly ownerId: pulumi.Output<string>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
interface vpc.VpcArgs {
/** CIDR block for the VPC */
cidrBlock: pulumi.Input<string>;
/** Instance tenancy (default, dedicated, host) */
instanceTenancy?: pulumi.Input<string>;
/** Enable DNS resolution */
enableDnsSupport?: pulumi.Input<boolean>;
/** Enable DNS hostnames */
enableDnsHostnames?: pulumi.Input<boolean>;
/** Enable network address usage metrics */
enableNetworkAddressUsageMetrics?: pulumi.Input<boolean>;
/** Assign generated IPv6 CIDR block */
assignGeneratedIpv6CidrBlock?: pulumi.Input<boolean>;
/** Resource tags */
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
}
/**
* VPC Subnet
*/
class ec2.Subnet extends pulumi.CustomResource {
constructor(name: string, args: ec2.SubnetArgs, opts?: pulumi.CustomResourceOptions);
/** Subnet ARN */
readonly arn: pulumi.Output<string>;
/** Subnet ID */
readonly id: pulumi.Output<string>;
/** VPC ID */
readonly vpcId: pulumi.Output<string>;
/** CIDR block */
readonly cidrBlock: pulumi.Output<string>;
/** Availability zone */
readonly availabilityZone: pulumi.Output<string>;
/** Availability zone ID */
readonly availabilityZoneId: pulumi.Output<string>;
/** Map public IP on launch */
readonly mapPublicIpOnLaunch: pulumi.Output<boolean>;
/** Assign IPv6 address on creation */
readonly assignIpv6AddressOnCreation: pulumi.Output<boolean>;
/** IPv6 CIDR block */
readonly ipv6CidrBlock: pulumi.Output<string>;
/** Outpost ARN */
readonly outpostArn: pulumi.Output<string>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
interface ec2.SubnetArgs {
/** VPC ID */
vpcId: pulumi.Input<string>;
/** CIDR block for the subnet */
cidrBlock: pulumi.Input<string>;
/** Availability zone */
availabilityZone?: pulumi.Input<string>;
/** Map public IP on launch */
mapPublicIpOnLaunch?: pulumi.Input<boolean>;
/** Assign IPv6 address on creation */
assignIpv6AddressOnCreation?: pulumi.Input<boolean>;
/** IPv6 CIDR block */
ipv6CidrBlock?: pulumi.Input<string>;
/** Outpost ARN */
outpostArn?: pulumi.Input<string>;
/** Resource tags */
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
}
/**
* Internet Gateway
*/
class ec2.InternetGateway extends pulumi.CustomResource {
constructor(name: string, args?: ec2.InternetGatewayArgs, opts?: pulumi.CustomResourceOptions);
/** Internet Gateway ARN */
readonly arn: pulumi.Output<string>;
/** Internet Gateway ID */
readonly id: pulumi.Output<string>;
/** VPC ID */
readonly vpcId: pulumi.Output<string>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
/**
* Route Table
*/
class ec2.RouteTable extends pulumi.CustomResource {
constructor(name: string, args: ec2.RouteTableArgs, opts?: pulumi.CustomResourceOptions);
/** Route table ARN */
readonly arn: pulumi.Output<string>;
/** Route table ID */
readonly id: pulumi.Output<string>;
/** VPC ID */
readonly vpcId: pulumi.Output<string>;
/** Routes */
readonly routes: pulumi.Output<ec2.RouteTableRoute[]>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
/**
* Security Group
*/
class ec2.SecurityGroup extends pulumi.CustomResource {
constructor(name: string, args?: ec2.SecurityGroupArgs, opts?: pulumi.CustomResourceOptions);
/** Security group ARN */
readonly arn: pulumi.Output<string>;
/** Security group ID */
readonly id: pulumi.Output<string>;
/** Security group name */
readonly name: pulumi.Output<string>;
/** Description */
readonly description: pulumi.Output<string>;
/** VPC ID */
readonly vpcId: pulumi.Output<string>;
/** Ingress rules */
readonly ingress: pulumi.Output<ec2.SecurityGroupIngress[]>;
/** Egress rules */
readonly egress: pulumi.Output<ec2.SecurityGroupEgress[]>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}Usage Examples:
// Create VPC with DNS support
const vpc = new aws.ec2.Vpc("main-vpc", {
cidrBlock: "10.0.0.0/16",
enableDnsHostnames: true,
enableDnsSupport: true,
tags: {
Name: "MainVPC",
Environment: "production"
}
});
// Create Internet Gateway
const igw = new aws.ec2.InternetGateway("main-igw", {
vpcId: vpc.id,
tags: {
Name: "MainIGW"
}
});
// Create public subnets
const publicSubnets = ["us-west-2a", "us-west-2b"].map((az, index) =>
new aws.ec2.Subnet(`public-subnet-${index}`, {
vpcId: vpc.id,
cidrBlock: `10.0.${index + 1}.0/24`,
availabilityZone: az,
mapPublicIpOnLaunch: true,
tags: {
Name: `PublicSubnet-${az}`,
Type: "public"
}
})
);
// Create private subnets
const privateSubnets = ["us-west-2a", "us-west-2b"].map((az, index) =>
new aws.ec2.Subnet(`private-subnet-${index}`, {
vpcId: vpc.id,
cidrBlock: `10.0.${index + 10}.0/24`,
availabilityZone: az,
tags: {
Name: `PrivateSubnet-${az}`,
Type: "private"
}
})
);
// Create public route table
const publicRouteTable = new aws.ec2.RouteTable("public-rt", {
vpcId: vpc.id,
routes: [{
cidrBlock: "0.0.0.0/0",
gatewayId: igw.id
}],
tags: {
Name: "PublicRouteTable"
}
});
// Create security group for web servers
const webSecurityGroup = new aws.ec2.SecurityGroup("web-sg", {
name: "web-security-group",
description: "Security group for web servers",
vpcId: vpc.id,
ingress: [
{
fromPort: 80,
toPort: 80,
protocol: "tcp",
cidrBlocks: ["0.0.0.0/0"]
},
{
fromPort: 443,
toPort: 443,
protocol: "tcp",
cidrBlocks: ["0.0.0.0/0"]
},
{
fromPort: 22,
toPort: 22,
protocol: "tcp",
cidrBlocks: ["10.0.0.0/16"]
}
],
egress: [{
fromPort: 0,
toPort: 0,
protocol: "-1",
cidrBlocks: ["0.0.0.0/0"]
}],
tags: {
Name: "WebSecurityGroup"
}
});Route53 - DNS Management
Scalable Domain Name System (DNS) web service for domain registration and DNS routing.
/**
* Route53 hosted zone
*/
class route53.Zone extends pulumi.CustomResource {
constructor(name: string, args: route53.ZoneArgs, opts?: pulumi.CustomResourceOptions);
/** Zone ARN */
readonly arn: pulumi.Output<string>;
/** Zone ID */
readonly zoneId: pulumi.Output<string>;
/** Domain name */
readonly name: pulumi.Output<string>;
/** Name servers */
readonly nameServers: pulumi.Output<string[]>;
/** Comment */
readonly comment: pulumi.Output<string>;
/** Private zone */
readonly privateZone: pulumi.Output<boolean>;
/** VPC associations */
readonly vpcs: pulumi.Output<route53.ZoneVpc[]>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
interface route53.ZoneArgs {
/** Domain name */
name: pulumi.Input<string>;
/** Comment */
comment?: pulumi.Input<string>;
/** Force destroy */
forceDestroy?: pulumi.Input<boolean>;
/** Private zone */
privateZone?: pulumi.Input<boolean>;
/** VPC associations for private zones */
vpcs?: pulumi.Input<pulumi.Input<route53.ZoneVpc>[]>;
/** Resource tags */
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
}
/**
* Route53 DNS record
*/
class route53.Record extends pulumi.CustomResource {
constructor(name: string, args: route53.RecordArgs, opts?: pulumi.CustomResourceOptions);
/** Zone ID */
readonly zoneId: pulumi.Output<string>;
/** Record name */
readonly name: pulumi.Output<string>;
/** Record type */
readonly type: pulumi.Output<string>;
/** TTL */
readonly ttl: pulumi.Output<number>;
/** Records */
readonly records: pulumi.Output<string[]>;
/** Alias configuration */
readonly aliases: pulumi.Output<route53.RecordAlias[]>;
/** FQDN */
readonly fqdn: pulumi.Output<string>;
}
interface route53.RecordArgs {
/** Zone ID */
zoneId: pulumi.Input<string>;
/** Record name */
name: pulumi.Input<string>;
/** Record type (A, AAAA, CNAME, MX, etc.) */
type: pulumi.Input<string>;
/** TTL in seconds */
ttl?: pulumi.Input<number>;
/** Record values */
records?: pulumi.Input<pulumi.Input<string>[]>;
/** Alias target */
aliases?: pulumi.Input<pulumi.Input<route53.RecordAlias>[]>;
/** Weighted routing */
weightedRoutingPolicies?: pulumi.Input<pulumi.Input<route53.RecordWeightedRoutingPolicy>[]>;
/** Geolocation routing */
geolocationRoutingPolicies?: pulumi.Input<pulumi.Input<route53.RecordGeolocationRoutingPolicy>[]>;
/** Health check ID */
healthCheckId?: pulumi.Input<string>;
/** Set identifier for routing policies */
setIdentifier?: pulumi.Input<string>;
}Usage Examples:
// Create hosted zone
const zone = new aws.route53.Zone("example-com", {
name: "example.com",
comment: "Main domain zone",
tags: {
Name: "ExampleZone",
Environment: "production"
}
});
// Create A record pointing to load balancer
const aRecord = new aws.route53.Record("www", {
zoneId: zone.zoneId,
name: "www.example.com",
type: "A",
aliases: [{
name: alb.dnsName,
zoneId: alb.zoneId,
evaluateTargetHealth: true
}]
});
// Create CNAME record
const cnameRecord = new aws.route53.Record("api", {
zoneId: zone.zoneId,
name: "api.example.com",
type: "CNAME",
ttl: 300,
records: ["api-internal.example.com"]
});
// Create MX record for email
const mxRecord = new aws.route53.Record("mail", {
zoneId: zone.zoneId,
name: "example.com",
type: "MX",
ttl: 300,
records: [
"10 mail.example.com",
"20 mail2.example.com"
]
});CloudFront - Content Delivery Network
Global content delivery network (CDN) service that securely delivers data with low latency and high transfer speeds.
/**
* CloudFront distribution
*/
class cloudfront.Distribution extends pulumi.CustomResource {
constructor(name: string, args: cloudfront.DistributionArgs, opts?: pulumi.CustomResourceOptions);
/** Distribution ARN */
readonly arn: pulumi.Output<string>;
/** Distribution ID */
readonly id: pulumi.Output<string>;
/** Domain name */
readonly domainName: pulumi.Output<string>;
/** Hosted zone ID */
readonly hostedZoneId: pulumi.Output<string>;
/** Status */
readonly status: pulumi.Output<string>;
/** Origins */
readonly origins: pulumi.Output<cloudfront.DistributionOrigin[]>;
/** Default cache behavior */
readonly defaultCacheBehavior: pulumi.Output<cloudfront.DistributionDefaultCacheBehavior>;
/** Cache behaviors */
readonly orderedCacheBehaviors: pulumi.Output<cloudfront.DistributionOrderedCacheBehavior[]>;
/** Price class */
readonly priceClass: pulumi.Output<string>;
/** Enabled */
readonly enabled: pulumi.Output<boolean>;
/** Web ACL ID */
readonly webAclId: pulumi.Output<string>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
interface cloudfront.DistributionArgs {
/** Origins */
origins: pulumi.Input<pulumi.Input<cloudfront.DistributionOrigin>[]>;
/** Default cache behavior */
defaultCacheBehavior: pulumi.Input<cloudfront.DistributionDefaultCacheBehavior>;
/** Ordered cache behaviors */
orderedCacheBehaviors?: pulumi.Input<pulumi.Input<cloudfront.DistributionOrderedCacheBehavior>[]>;
/** Comment */
comment?: pulumi.Input<string>;
/** Default root object */
defaultRootObject?: pulumi.Input<string>;
/** Enabled */
enabled: pulumi.Input<boolean>;
/** HTTP version */
httpVersion?: pulumi.Input<string>;
/** Price class */
priceClass?: pulumi.Input<string>;
/** Aliases (CNAMEs) */
aliases?: pulumi.Input<pulumi.Input<string>[]>;
/** SSL/TLS certificate */
viewerCertificate?: pulumi.Input<cloudfront.DistributionViewerCertificate>;
/** Custom error responses */
customErrorResponses?: pulumi.Input<pulumi.Input<cloudfront.DistributionCustomErrorResponse>[]>;
/** Geo restrictions */
restrictions?: pulumi.Input<cloudfront.DistributionRestrictions>;
/** Web ACL ID */
webAclId?: pulumi.Input<string>;
/** Resource tags */
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
}
/**
* CloudFront Origin Access Identity
*/
class cloudfront.OriginAccessIdentity extends pulumi.CustomResource {
constructor(name: string, args?: cloudfront.OriginAccessIdentityArgs, opts?: pulumi.CustomResourceOptions);
/** CloudFront access identity path */
readonly cloudfrontAccessIdentityPath: pulumi.Output<string>;
/** ETag */
readonly etag: pulumi.Output<string>;
/** IAM ARN */
readonly iamArn: pulumi.Output<string>;
/** S3 canonical user ID */
readonly s3CanonicalUserId: pulumi.Output<string>;
/** Comment */
readonly comment: pulumi.Output<string>;
}Usage Examples:
// Create CloudFront Origin Access Identity
const oai = new aws.cloudfront.OriginAccessIdentity("s3-oai", {
comment: "OAI for S3 bucket access"
});
// Create CloudFront distribution
const distribution = new aws.cloudfront.Distribution("website-cdn", {
origins: [{
domainName: bucket.bucketDomainName,
originId: "S3-bucket",
s3OriginConfig: {
originAccessIdentity: oai.cloudfrontAccessIdentityPath
}
}],
enabled: true,
defaultRootObject: "index.html",
comment: "Website CDN distribution",
aliases: ["www.example.com", "example.com"],
defaultCacheBehavior: {
targetOriginId: "S3-bucket",
viewerProtocolPolicy: "redirect-to-https",
allowedMethods: ["GET", "HEAD", "OPTIONS"],
cachedMethods: ["GET", "HEAD"],
compress: true,
forwardedValues: {
queryString: false,
cookies: {
forward: "none"
}
},
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400
},
viewerCertificate: {
acmCertificateArn: certificate.arn,
sslSupportMethod: "sni-only",
minimumProtocolVersion: "TLSv1.2_2021"
},
priceClass: "PriceClass_100",
restrictions: {
geoRestriction: {
restrictionType: "none"
}
},
tags: {
Name: "WebsiteCDN",
Environment: "production"
}
});Load Balancing
Application Load Balancer (ALB) and Network Load Balancer (NLB) for distributing incoming traffic.
/**
* Application Load Balancer
*/
class lb.LoadBalancer extends pulumi.CustomResource {
constructor(name: string, args?: lb.LoadBalancerArgs, opts?: pulumi.CustomResourceOptions);
/** Load balancer ARN */
readonly arn: pulumi.Output<string>;
/** DNS name */
readonly dnsName: pulumi.Output<string>;
/** Zone ID */
readonly zoneId: pulumi.Output<string>;
/** Load balancer type */
readonly loadBalancerType: pulumi.Output<string>;
/** Subnets */
readonly subnets: pulumi.Output<string[]>;
/** Security groups */
readonly securityGroups: pulumi.Output<string[]>;
/** Scheme */
readonly scheme: pulumi.Output<string>;
/** IP address type */
readonly ipAddressType: pulumi.Output<string>;
/** Internal */
readonly internal: pulumi.Output<boolean>;
/** Resource tags */
readonly tags: pulumi.Output<{[key: string]: string}>;
}
/**
* Load balancer target group
*/
class lb.TargetGroup extends pulumi.CustomResource {
constructor(name: string, args?: lb.TargetGroupArgs, opts?: pulumi.CustomResourceOptions);
/** Target group ARN */
readonly arn: pulumi.Output<string>;
/** Target group name */
readonly name: pulumi.Output<string>;
/** Port */
readonly port: pulumi.Output<number>;
/** Protocol */
readonly protocol: pulumi.Output<string>;
/** VPC ID */
readonly vpcId: pulumi.Output<string>;
/** Target type */
readonly targetType: pulumi.Output<string>;
/** Health check configuration */
readonly healthCheck: pulumi.Output<lb.TargetGroupHealthCheck>;
}
/**
* Load balancer listener
*/
class lb.Listener extends pulumi.CustomResource {
constructor(name: string, args: lb.ListenerArgs, opts?: pulumi.CustomResourceOptions);
/** Listener ARN */
readonly arn: pulumi.Output<string>;
/** Load balancer ARN */
readonly loadBalancerArn: pulumi.Output<string>;
/** Port */
readonly port: pulumi.Output<string>;
/** Protocol */
readonly protocol: pulumi.Output<string>;
/** SSL policy */
readonly sslPolicy: pulumi.Output<string>;
/** Certificate ARN */
readonly certificateArn: pulumi.Output<string>;
/** Default actions */
readonly defaultActions: pulumi.Output<lb.ListenerDefaultAction[]>;
}Usage Examples:
// Create Application Load Balancer
const alb = new aws.lb.LoadBalancer("app-alb", {
name: "app-load-balancer",
loadBalancerType: "application",
subnets: publicSubnets.map(s => s.id),
securityGroups: [albSecurityGroup.id],
enableDeletionProtection: false,
tags: {
Name: "AppLoadBalancer",
Environment: "production"
}
});
// Create target group
const targetGroup = new aws.lb.TargetGroup("app-tg", {
name: "app-target-group",
port: 80,
protocol: "HTTP",
vpcId: vpc.id,
targetType: "instance",
healthCheck: {
enabled: true,
healthyThreshold: 2,
unhealthyThreshold: 2,
timeout: 5,
interval: 30,
path: "/health",
matcher: "200"
},
tags: {
Name: "AppTargetGroup"
}
});
// Create HTTPS listener
const httpsListener = new aws.lb.Listener("https-listener", {
loadBalancerArn: alb.arn,
port: "443",
protocol: "HTTPS",
sslPolicy: "ELBSecurityPolicy-TLS-1-2-2017-01",
certificateArn: certificate.arn,
defaultActions: [{
type: "forward",
targetGroupArn: targetGroup.arn
}]
});Install with Tessl CLI
npx tessl i tessl/generic-pulumi--aws