or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

Files

docs

core-compute.mdindex.mdsecurity.mdserverless.mdstorage.md

index.mddocs/

0
# Pulumi AWS
1


2
Pulumi AWS is a comprehensive infrastructure-as-code SDK that provides strongly-typed TypeScript bindings for creating and managing Amazon Web Services (AWS) cloud resources. It covers the complete AWS service catalog with over 180 service modules and 1,000+ resource types, enabling programmatic infrastructure management with full AWS API coverage.
3


4
## Package Information
5


6
- **Package Name**: @pulumi/aws
7
- **Package Type**: npm
8
- **Language**: TypeScript
9
- **Installation**: `npm install @pulumi/pulumi @pulumi/aws`
10


11
## Core Imports
12


13
```typescript
14
import * as aws from "@pulumi/aws";
15
import * as pulumi from "@pulumi/pulumi";
16
```
17


18
For specific services:
19


20
```typescript
21
import * as ec2 from "@pulumi/aws/ec2";
22
import * as s3 from "@pulumi/aws/s3";
23
import * as iam from "@pulumi/aws/iam";
24
```
25


26
For CommonJS:
27


28
```javascript
29
const aws = require("@pulumi/aws");
30
const pulumi = require("@pulumi/pulumi");
31
```
32


33
## Basic Usage
34


35
```typescript
36
import * as aws from "@pulumi/aws";
37
import * as pulumi from "@pulumi/pulumi";
38


39
// Configure the AWS provider
40
const provider = new aws.Provider("my-provider", {
41
    region: "us-west-2",
42
    profile: "default",
43
});
44


45
// Create a VPC
46
const vpc = new aws.ec2.Vpc("my-vpc", {
47
    cidrBlock: "10.0.0.0/16",
48
    enableDnsHostnames: true,
49
    enableDnsSupport: true,
50
    tags: {
51
        Name: "my-vpc",
52
    },
53
}, { provider });
54


55
// Create an S3 bucket
56
const bucket = new aws.s3.Bucket("my-bucket", {
57
    bucket: "my-unique-bucket-name",
58
    acl: "private",
59
}, { provider });
60


61
// Export the bucket name
62
export const bucketName = bucket.id;
63
export const vpcId = vpc.id;
64
```
65


66
## Architecture
67


68
Pulumi AWS is built around several key patterns:
69


70
- **Provider Class**: Central configuration for AWS credentials, regions, and global settings
71
- **Resource Classes**: Strongly-typed classes for creating and managing AWS resources (e.g., `aws.ec2.Instance`, `aws.s3.Bucket`)
72
- **Data Source Functions**: Functions for querying existing AWS resources (e.g., `aws.ec2.getVpc`, `aws.s3.getBucket`)
73
- **Type System**: Complete TypeScript definitions with Input/Output types for all resource properties
74
- **Module Organization**: AWS services organized into logical modules (ec2, s3, iam, lambda, etc.)
75
- **Lazy Loading**: Optimized imports with utilities.lazyLoad for improved performance
76


77
## Capabilities
78


79
### Provider Configuration
80


81
Central AWS provider configuration for credentials, regions, and service endpoints.
82


83
```typescript { .api }
84
class Provider extends pulumi.ProviderResource {
85
    constructor(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions);
86
    
87
    public readonly accessKey!: pulumi.Output<string | undefined>;
88
    public readonly region!: pulumi.Output<string | undefined>;
89
    public readonly secretKey!: pulumi.Output<string | undefined>;
90
    public readonly profile!: pulumi.Output<string | undefined>;
91
    public readonly customCaBundle!: pulumi.Output<string | undefined>;
92
    public readonly ec2MetadataServiceEndpoint!: pulumi.Output<string | undefined>;
93
    public readonly ec2MetadataServiceEndpointMode!: pulumi.Output<string | undefined>;
94
    public readonly httpProxy!: pulumi.Output<string | undefined>;
95
    public readonly httpsProxy!: pulumi.Output<string | undefined>;
96
    public readonly noProxy!: pulumi.Output<string | undefined>;
97
    public readonly retryMode!: pulumi.Output<string | undefined>;
98
    public readonly s3UsEast1RegionalEndpoint!: pulumi.Output<string | undefined>;
99
    public readonly stsRegion!: pulumi.Output<string | undefined>;
100
    public readonly token!: pulumi.Output<string | undefined>;
101
}
102


103
interface ProviderArgs {
104
    accessKey?: pulumi.Input<string>;
105
    allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>;
106
    region?: pulumi.Input<string>;
107
    secretKey?: pulumi.Input<string>;
108
    profile?: pulumi.Input<string>;
109
    customCaBundle?: pulumi.Input<string>;
110
    ec2MetadataServiceEndpoint?: pulumi.Input<string>;
111
    ec2MetadataServiceEndpointMode?: pulumi.Input<string>;
112
    httpProxy?: pulumi.Input<string>;
113
    httpsProxy?: pulumi.Input<string>;
114
    noProxy?: pulumi.Input<string>;
115
    retryMode?: pulumi.Input<string>;
116
    s3UsEast1RegionalEndpoint?: pulumi.Input<string>;
117
    stsRegion?: pulumi.Input<string>;
118
    token?: pulumi.Input<string>;
119
}
120
```
121


122
### Global Utility Functions
123


124
AWS-wide utility functions for account, region, and service information.
125


126
```typescript { .api }
127
function getCallerIdentity(args?: GetCallerIdentityArgs): Promise<GetCallerIdentityResult>;
128
function getRegion(args?: GetRegionArgs): Promise<GetRegionResult>;
129
function getAvailabilityZones(args?: GetAvailabilityZonesArgs): Promise<GetAvailabilityZonesResult>;
130
function getPartition(args?: GetPartitionArgs): Promise<GetPartitionResult>;
131
function getArn(args: GetArnArgs): Promise<GetArnResult>;
132
function getBillingServiceAccount(args?: GetBillingServiceAccountArgs): Promise<GetBillingServiceAccountResult>;
133
function getDefaultTags(args?: GetDefaultTagsArgs): Promise<GetDefaultTagsResult>;
134
function getIpRanges(args: GetIpRangesArgs): Promise<GetIpRangesResult>;
135
function getRegions(args?: GetRegionsArgs): Promise<GetRegionsResult>;
136
function getService(args: GetServiceArgs): Promise<GetServiceResult>;
137
function getServicePrincipal(args: GetServicePrincipalArgs): Promise<GetServicePrincipalResult>;
138


139
interface GetCallerIdentityResult {
140
    accountId: string;
141
    arn: string;
142
    id: string;
143
    userId: string;
144
}
145


146
interface GetArnResult {
147
    account: string;
148
    partition: string;
149
    region: string;
150
    resource: string;
151
    service: string;
152
}
153


154
interface GetBillingServiceAccountResult {
155
    arn: string;
156
    id: string;
157
}
158


159
interface GetDefaultTagsResult {
160
    tags: { [key: string]: string };
161
}
162


163
interface GetIpRangesResult {
164
    cidrBlocks: string[];
165
    ipv6CidrBlocks: string[];
166
    createDate: string;
167
    syncToken: string;
168
}
169
```
170


171
### Core Compute Services
172


173
Complete infrastructure services including EC2, Auto Scaling, and Load Balancing with 165+ resource types and data sources.
174


175
```typescript { .api }
176
// EC2 Instance
177
class ec2.Instance extends pulumi.CustomResource {
178
    constructor(name: string, args: ec2.InstanceArgs, opts?: pulumi.ResourceOptions);
179
    
180
    public readonly ami!: pulumi.Output<string>;
181
    public readonly instanceType!: pulumi.Output<string>;
182
    public readonly publicIp!: pulumi.Output<string>;
183
    public readonly privateIp!: pulumi.Output<string>;
184
    public readonly securityGroups!: pulumi.Output<string[]>;
185
    public readonly subnetId!: pulumi.Output<string>;
186
    public readonly vpcSecurityGroupIds!: pulumi.Output<string[]>;
187
    public readonly keyName!: pulumi.Output<string>;
188
    public readonly availabilityZone!: pulumi.Output<string>;
189
    public readonly arn!: pulumi.Output<string>;
190
    public readonly id!: pulumi.Output<string>;
191
}
192


193
// VPC
194
class ec2.Vpc extends pulumi.CustomResource {
195
    constructor(name: string, args: ec2.VpcArgs, opts?: pulumi.ResourceOptions);
196
    
197
    public readonly cidrBlock!: pulumi.Output<string>;
198
    public readonly id!: pulumi.Output<string>;
199
    public readonly arn!: pulumi.Output<string>;
200
    public readonly enableDnsHostnames!: pulumi.Output<boolean>;
201
    public readonly enableDnsSupport!: pulumi.Output<boolean>;
202
    public readonly defaultNetworkAclId!: pulumi.Output<string>;
203
    public readonly defaultRouteTableId!: pulumi.Output<string>;
204
    public readonly defaultSecurityGroupId!: pulumi.Output<string>;
205
    public readonly mainRouteTableId!: pulumi.Output<string>;
206
}
207
```
208


209
[Core Compute Services](./core-compute.md)
210


211
### Storage Services
212


213
Complete storage solutions including S3, EBS, and EFS with object storage, block storage, and file systems.
214


215
```typescript { .api }
216
// S3 Bucket
217
class s3.Bucket extends pulumi.CustomResource {
218
    constructor(name: string, args?: s3.BucketArgs, opts?: pulumi.ResourceOptions);
219
    
220
    public readonly bucket!: pulumi.Output<string>;
221
    public readonly arn!: pulumi.Output<string>;
222
    public readonly bucketDomainName!: pulumi.Output<string>;
223
    public readonly bucketRegionalDomainName!: pulumi.Output<string>;
224
    public readonly hostedZoneId!: pulumi.Output<string>;
225
    public readonly region!: pulumi.Output<string>;
226
    public readonly websiteEndpoint!: pulumi.Output<string>;
227
    public readonly websiteDomain!: pulumi.Output<string>;
228
    public readonly id!: pulumi.Output<string>;
229
}
230


231
// EBS Volume
232
class ebs.Volume extends pulumi.CustomResource {
233
    constructor(name: string, args: ebs.VolumeArgs, opts?: pulumi.ResourceOptions);
234
    
235
    public readonly size!: pulumi.Output<number>;
236
    public readonly type!: pulumi.Output<string>;
237
    public readonly availabilityZone!: pulumi.Output<string>;
238
    public readonly arn!: pulumi.Output<string>;
239
    public readonly encrypted!: pulumi.Output<boolean>;
240
    public readonly kmsKeyId!: pulumi.Output<string>;
241
    public readonly iops!: pulumi.Output<number>;
242
    public readonly throughput!: pulumi.Output<number>;
243
    public readonly id!: pulumi.Output<string>;
244
}
245
```
246


247
[Storage Services](./storage.md)
248


249
### Database Services
250


251
Comprehensive database solutions including RDS, DynamoDB, and specialized database services.
252


253
```typescript { .api }
254
// RDS Instance
255
class rds.Instance extends pulumi.CustomResource {
256
    constructor(name: string, args: rds.InstanceArgs, opts?: pulumi.ResourceOptions);
257
    
258
    public readonly engine!: pulumi.Output<string>;
259
    public readonly dbName!: pulumi.Output<string>;
260
    public readonly endpoint!: pulumi.Output<string>;
261
}
262


263
// DynamoDB Table
264
class dynamodb.Table extends pulumi.CustomResource {
265
    constructor(name: string, args: dynamodb.TableArgs, opts?: pulumi.ResourceOptions);
266
    
267
    public readonly name!: pulumi.Output<string>;
268
    public readonly arn!: pulumi.Output<string>;
269
}
270
```
271


272
Complete database services documentation will be added in future versions.
273


274
### Security & Identity Services
275


276
Complete security services including IAM, KMS, Secrets Manager, and security monitoring tools.
277


278
```typescript { .api }
279
// IAM Role
280
class iam.Role extends pulumi.CustomResource {
281
    constructor(name: string, args: iam.RoleArgs, opts?: pulumi.ResourceOptions);
282
    
283
    public readonly arn!: pulumi.Output<string>;
284
    public readonly name!: pulumi.Output<string>;
285
}
286


287
// KMS Key
288
class kms.Key extends pulumi.CustomResource {
289
    constructor(name: string, args?: kms.KeyArgs, opts?: pulumi.ResourceOptions);
290
    
291
    public readonly keyId!: pulumi.Output<string>;
292
    public readonly arn!: pulumi.Output<string>;
293
}
294
```
295


296
[Security & Identity Services](./security.md)
297


298
### Serverless Services
299


300
Complete serverless computing platform including Lambda, API Gateway, SQS, SNS, and event-driven services.
301


302
```typescript { .api }
303
// Lambda Function
304
class lambda.Function extends pulumi.CustomResource {
305
    constructor(name: string, args: lambda.FunctionArgs, opts?: pulumi.ResourceOptions);
306
    
307
    public readonly functionName!: pulumi.Output<string>;
308
    public readonly arn!: pulumi.Output<string>;
309
    public readonly invokeArn!: pulumi.Output<string>;
310
}
311


312
// API Gateway REST API
313
class apigateway.RestApi extends pulumi.CustomResource {
314
    constructor(name: string, args?: apigateway.RestApiArgs, opts?: pulumi.ResourceOptions);
315
    
316
    public readonly id!: pulumi.Output<string>;
317
    public readonly executionArn!: pulumi.Output<string>;
318
}
319
```
320


321
[Serverless Services](./serverless.md)
322


323
### Networking Services
324


325
Complete networking infrastructure including VPC, Route53, CloudFront, and connectivity services.
326


327
```typescript { .api }
328
// Route53 Zone
329
class route53.Zone extends pulumi.CustomResource {
330
    constructor(name: string, args: route53.ZoneArgs, opts?: pulumi.ResourceOptions);
331
    
332
    public readonly name!: pulumi.Output<string>;
333
    public readonly zoneId!: pulumi.Output<string>;
334
}
335


336
// CloudFront Distribution
337
class cloudfront.Distribution extends pulumi.CustomResource {
338
    constructor(name: string, args: cloudfront.DistributionArgs, opts?: pulumi.ResourceOptions);
339
    
340
    public readonly domainName!: pulumi.Output<string>;
341
    public readonly arn!: pulumi.Output<string>;
342
}
343
```
344


345
Complete networking services documentation will be added in future versions.
346


347
### Monitoring & Observability
348


349
Complete monitoring solutions including CloudWatch, X-Ray, and operational tools for infrastructure observability.
350


351
```typescript { .api }
352
// CloudWatch Log Group
353
class cloudwatch.LogGroup extends pulumi.CustomResource {
354
    constructor(name: string, args: cloudwatch.LogGroupArgs, opts?: pulumi.ResourceOptions);
355
    
356
    public readonly name!: pulumi.Output<string>;
357
    public readonly arn!: pulumi.Output<string>;
358
}
359


360
// X-Ray Sampling Rule
361
class xray.SamplingRule extends pulumi.CustomResource {
362
    constructor(name: string, args: xray.SamplingRuleArgs, opts?: pulumi.ResourceOptions);
363
    
364
    public readonly arn!: pulumi.Output<string>;
365
    public readonly ruleName!: pulumi.Output<string>;
366
}
367
```
368


369
Complete monitoring and observability services documentation will be added in future versions.
370


371
## Complete Service Catalog
372


373
The SDK includes comprehensive coverage of all AWS services organized into 180+ modules including:
374


375
**Core Services**: ec2, s3, iam, lambda, rds, vpc, cloudformation, cloudwatch
376
**Analytics**: athena, glue, emr, kinesis, quicksight, lakeformation
377
**Machine Learning**: sagemaker, comprehend, rekognition, textract, bedrock
378
**Security**: kms, secretsmanager, guardduty, securityhub, macie, inspector
379
**DevOps**: codebuild, codedeploy, codepipeline, codebuild, codeartifact
380
**Containers**: ecs, eks, ecr, batch, apprunner
381
**And 160+ additional specialized services
382


383
Each service module follows consistent patterns with resource classes for creating infrastructure, data source functions for querying existing resources, and complete TypeScript definitions for all properties and return values.