Docs
Packagescloudamqp.VpcConnect
Explore with Pulumi AI
This resource is a generic way to handle PrivateLink (AWS and Azure) and Private Service Connect (GCP). Communication between resources can be done just as they were living inside a VPC. CloudAMQP creates an Endpoint Service to connect the VPC and creating a new network interface to handle the communicate.
If no existing VPC available when enable VPC connect, a new VPC will be created with subnet 10.52.72.0/24.
More information can be found at: CloudAMQP VPC Connect
Note: Enabling VPC Connect will automatically add a firewall rule.
Default PrivateLink firewall rule [AWS, Azure]
Example Usage
Enable VPC Connect (PrivateLink) in AWS
import * as pulumi from "@pulumi/pulumi";
import * as cloudamqp from "@pulumi/cloudamqp";
const vpc = new cloudamqp.Vpc("vpc", {
name: "Standalone VPC",
region: "amazon-web-services::us-west-1",
subnet: "10.56.72.0/24",
tags: [],
});
const instance = new cloudamqp.Instance("instance", {
name: "Instance 01",
plan: "bunny-1",
region: "amazon-web-services::us-west-1",
tags: [],
vpcId: vpc.id,
keepAssociatedVpc: true,
});
const vpcConnect = new cloudamqp.VpcConnect("vpc_connect", {
instanceId: instance.id,
region: instance.region,
allowedPrincipals: ["arn:aws:iam::aws-account-id:user/user-name"],
});
import pulumi
import pulumi_cloudamqp as cloudamqp
vpc = cloudamqp.Vpc("vpc",
name="Standalone VPC",
region="amazon-web-services::us-west-1",
subnet="10.56.72.0/24",
tags=[])
instance = cloudamqp.Instance("instance",
name="Instance 01",
plan="bunny-1",
region="amazon-web-services::us-west-1",
tags=[],
vpc_id=vpc.id,
keep_associated_vpc=True)
vpc_connect = cloudamqp.VpcConnect("vpc_connect",
instance_id=instance.id,
region=instance.region,
allowed_principals=["arn:aws:iam::aws-account-id:user/user-name"])
package main
import (
"github.com/pulumi/pulumi-cloudamqp/sdk/v3/go/cloudamqp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
vpc, err := cloudamqp.NewVpc(ctx, "vpc", &cloudamqp.VpcArgs{
Name: pulumi.String("Standalone VPC"),
Region: pulumi.String("amazon-web-services::us-west-1"),
Subnet: pulumi.String("10.56.72.0/24"),
Tags: pulumi.StringArray{},
})
if err != nil {
return err
}
instance, err := cloudamqp.NewInstance(ctx, "instance", &cloudamqp.InstanceArgs{
Name: pulumi.String("Instance 01"),
Plan: pulumi.String("bunny-1"),
Region: pulumi.String("amazon-web-services::us-west-1"),
Tags: pulumi.StringArray{},
VpcId: vpc.ID(),
KeepAssociatedVpc: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = cloudamqp.NewVpcConnect(ctx, "vpc_connect", &cloudamqp.VpcConnectArgs{
InstanceId: instance.ID(),
Region: instance.Region,
AllowedPrincipals: pulumi.StringArray{
pulumi.String("arn:aws:iam::aws-account-id:user/user-name"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CloudAmqp = Pulumi.CloudAmqp;
return await Deployment.RunAsync(() =>
{
var vpc = new CloudAmqp.Vpc("vpc", new()
{
Name = "Standalone VPC",
Region = "amazon-web-services::us-west-1",
Subnet = "10.56.72.0/24",
Tags = new[] {},
});
var instance = new CloudAmqp.Instance("instance", new()
{
Name = "Instance 01",
Plan = "bunny-1",
Region = "amazon-web-services::us-west-1",
Tags = new[] {},
VpcId = vpc.Id,
KeepAssociatedVpc = true,
});
var vpcConnect = new CloudAmqp.VpcConnect("vpc_connect", new()
{
InstanceId = instance.Id,
Region = instance.Region,
AllowedPrincipals = new[]
{
"arn:aws:iam::aws-account-id:user/user-name",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudamqp.Vpc;
import com.pulumi.cloudamqp.VpcArgs;
import com.pulumi.cloudamqp.Instance;
import com.pulumi.cloudamqp.InstanceArgs;
import com.pulumi.cloudamqp.VpcConnect;
import com.pulumi.cloudamqp.VpcConnectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var vpc = new Vpc("vpc", VpcArgs.builder()
.name("Standalone VPC")
.region("amazon-web-services::us-west-1")
.subnet("10.56.72.0/24")
.tags()
.build());
var instance = new Instance("instance", InstanceArgs.builder()
.name("Instance 01")
.plan("bunny-1")
.region("amazon-web-services::us-west-1")
.tags()
.vpcId(vpc.id())
.keepAssociatedVpc(true)
.build());
var vpcConnect = new VpcConnect("vpcConnect", VpcConnectArgs.builder()
.instanceId(instance.id())
.region(instance.region())
.allowedPrincipals("arn:aws:iam::aws-account-id:user/user-name")
.build());
}
}
resources:
vpc:
type: cloudamqp:Vpc
properties:
name: Standalone VPC
region: amazon-web-services::us-west-1
subnet: 10.56.72.0/24
tags: []
instance:
type: cloudamqp:Instance
properties:
name: Instance 01
plan: bunny-1
region: amazon-web-services::us-west-1
tags: []
vpcId: ${vpc.id}
keepAssociatedVpc: true
vpcConnect:
type: cloudamqp:VpcConnect
name: vpc_connect
properties:
instanceId: ${instance.id}
region: ${instance.region}
allowedPrincipals:
- arn:aws:iam::aws-account-id:user/user-name
Enable VPC Connect (PrivateLink) in Azure
import * as pulumi from "@pulumi/pulumi";
import * as cloudamqp from "@pulumi/cloudamqp";
const vpc = new cloudamqp.Vpc("vpc", {
name: "Standalone VPC",
region: "azure-arm::westus",
subnet: "10.56.72.0/24",
tags: [],
});
const instance = new cloudamqp.Instance("instance", {
name: "Instance 01",
plan: "bunny-1",
region: "azure-arm::westus",
tags: [],
vpcId: vpc.id,
keepAssociatedVpc: true,
});
const vpcConnect = new cloudamqp.VpcConnect("vpc_connect", {
instanceId: instance.id,
region: instance.region,
approvedSubscriptions: ["XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"],
});
import pulumi
import pulumi_cloudamqp as cloudamqp
vpc = cloudamqp.Vpc("vpc",
name="Standalone VPC",
region="azure-arm::westus",
subnet="10.56.72.0/24",
tags=[])
instance = cloudamqp.Instance("instance",
name="Instance 01",
plan="bunny-1",
region="azure-arm::westus",
tags=[],
vpc_id=vpc.id,
keep_associated_vpc=True)
vpc_connect = cloudamqp.VpcConnect("vpc_connect",
instance_id=instance.id,
region=instance.region,
approved_subscriptions=["XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"])
package main
import (
"github.com/pulumi/pulumi-cloudamqp/sdk/v3/go/cloudamqp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
vpc, err := cloudamqp.NewVpc(ctx, "vpc", &cloudamqp.VpcArgs{
Name: pulumi.String("Standalone VPC"),
Region: pulumi.String("azure-arm::westus"),
Subnet: pulumi.String("10.56.72.0/24"),
Tags: pulumi.StringArray{},
})
if err != nil {
return err
}
instance, err := cloudamqp.NewInstance(ctx, "instance", &cloudamqp.InstanceArgs{
Name: pulumi.String("Instance 01"),
Plan: pulumi.String("bunny-1"),
Region: pulumi.String("azure-arm::westus"),
Tags: pulumi.StringArray{},
VpcId: vpc.ID(),
KeepAssociatedVpc: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = cloudamqp.NewVpcConnect(ctx, "vpc_connect", &cloudamqp.VpcConnectArgs{
InstanceId: instance.ID(),
Region: instance.Region,
ApprovedSubscriptions: pulumi.StringArray{
pulumi.String("XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CloudAmqp = Pulumi.CloudAmqp;
return await Deployment.RunAsync(() =>
{
var vpc = new CloudAmqp.Vpc("vpc", new()
{
Name = "Standalone VPC",
Region = "azure-arm::westus",
Subnet = "10.56.72.0/24",
Tags = new[] {},
});
var instance = new CloudAmqp.Instance("instance", new()
{
Name = "Instance 01",
Plan = "bunny-1",
Region = "azure-arm::westus",
Tags = new[] {},
VpcId = vpc.Id,
KeepAssociatedVpc = true,
});
var vpcConnect = new CloudAmqp.VpcConnect("vpc_connect", new()
{
InstanceId = instance.Id,
Region = instance.Region,
ApprovedSubscriptions = new[]
{
"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudamqp.Vpc;
import com.pulumi.cloudamqp.VpcArgs;
import com.pulumi.cloudamqp.Instance;
import com.pulumi.cloudamqp.InstanceArgs;
import com.pulumi.cloudamqp.VpcConnect;
import com.pulumi.cloudamqp.VpcConnectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var vpc = new Vpc("vpc", VpcArgs.builder()
.name("Standalone VPC")
.region("azure-arm::westus")
.subnet("10.56.72.0/24")
.tags()
.build());
var instance = new Instance("instance", InstanceArgs.builder()
.name("Instance 01")
.plan("bunny-1")
.region("azure-arm::westus")
.tags()
.vpcId(vpc.id())
.keepAssociatedVpc(true)
.build());
var vpcConnect = new VpcConnect("vpcConnect", VpcConnectArgs.builder()
.instanceId(instance.id())
.region(instance.region())
.approvedSubscriptions("XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX")
.build());
}
}
resources:
vpc:
type: cloudamqp:Vpc
properties:
name: Standalone VPC
region: azure-arm::westus
subnet: 10.56.72.0/24
tags: []
instance:
type: cloudamqp:Instance
properties:
name: Instance 01
plan: bunny-1
region: azure-arm::westus
tags: []
vpcId: ${vpc.id}
keepAssociatedVpc: true
vpcConnect:
type: cloudamqp:VpcConnect
name: vpc_connect
properties:
instanceId: ${instance.id}
region: ${instance.region}
approvedSubscriptions:
- XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
Enable VPC Connect (Private Service Connect) in GCP
import * as pulumi from "@pulumi/pulumi";
import * as cloudamqp from "@pulumi/cloudamqp";
const vpc = new cloudamqp.Vpc("vpc", {
name: "Standalone VPC",
region: "google-compute-engine::us-west1",
subnet: "10.56.72.0/24",
tags: [],
});
const instance = new cloudamqp.Instance("instance", {
name: "Instance 01",
plan: "bunny-1",
region: "google-compute-engine::us-west1",
tags: [],
vpcId: vpc.id,
keepAssociatedVpc: true,
});
const vpcConnect = new cloudamqp.VpcConnect("vpc_connect", {
instanceId: instance.id,
region: instance.region,
allowedProjects: ["some-project-123456"],
});
import pulumi
import pulumi_cloudamqp as cloudamqp
vpc = cloudamqp.Vpc("vpc",
name="Standalone VPC",
region="google-compute-engine::us-west1",
subnet="10.56.72.0/24",
tags=[])
instance = cloudamqp.Instance("instance",
name="Instance 01",
plan="bunny-1",
region="google-compute-engine::us-west1",
tags=[],
vpc_id=vpc.id,
keep_associated_vpc=True)
vpc_connect = cloudamqp.VpcConnect("vpc_connect",
instance_id=instance.id,
region=instance.region,
allowed_projects=["some-project-123456"])
package main
import (
"github.com/pulumi/pulumi-cloudamqp/sdk/v3/go/cloudamqp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
vpc, err := cloudamqp.NewVpc(ctx, "vpc", &cloudamqp.VpcArgs{
Name: pulumi.String("Standalone VPC"),
Region: pulumi.String("google-compute-engine::us-west1"),
Subnet: pulumi.String("10.56.72.0/24"),
Tags: pulumi.StringArray{},
})
if err != nil {
return err
}
instance, err := cloudamqp.NewInstance(ctx, "instance", &cloudamqp.InstanceArgs{
Name: pulumi.String("Instance 01"),
Plan: pulumi.String("bunny-1"),
Region: pulumi.String("google-compute-engine::us-west1"),
Tags: pulumi.StringArray{},
VpcId: vpc.ID(),
KeepAssociatedVpc: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = cloudamqp.NewVpcConnect(ctx, "vpc_connect", &cloudamqp.VpcConnectArgs{
InstanceId: instance.ID(),
Region: instance.Region,
AllowedProjects: pulumi.StringArray{
pulumi.String("some-project-123456"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CloudAmqp = Pulumi.CloudAmqp;
return await Deployment.RunAsync(() =>
{
var vpc = new CloudAmqp.Vpc("vpc", new()
{
Name = "Standalone VPC",
Region = "google-compute-engine::us-west1",
Subnet = "10.56.72.0/24",
Tags = new[] {},
});
var instance = new CloudAmqp.Instance("instance", new()
{
Name = "Instance 01",
Plan = "bunny-1",
Region = "google-compute-engine::us-west1",
Tags = new[] {},
VpcId = vpc.Id,
KeepAssociatedVpc = true,
});
var vpcConnect = new CloudAmqp.VpcConnect("vpc_connect", new()
{
InstanceId = instance.Id,
Region = instance.Region,
AllowedProjects = new[]
{
"some-project-123456",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudamqp.Vpc;
import com.pulumi.cloudamqp.VpcArgs;
import com.pulumi.cloudamqp.Instance;
import com.pulumi.cloudamqp.InstanceArgs;
import com.pulumi.cloudamqp.VpcConnect;
import com.pulumi.cloudamqp.VpcConnectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var vpc = new Vpc("vpc", VpcArgs.builder()
.name("Standalone VPC")
.region("google-compute-engine::us-west1")
.subnet("10.56.72.0/24")
.tags()
.build());
var instance = new Instance("instance", InstanceArgs.builder()
.name("Instance 01")
.plan("bunny-1")
.region("google-compute-engine::us-west1")
.tags()
.vpcId(vpc.id())
.keepAssociatedVpc(true)
.build());
var vpcConnect = new VpcConnect("vpcConnect", VpcConnectArgs.builder()
.instanceId(instance.id())
.region(instance.region())
.allowedProjects("some-project-123456")
.build());
}
}
resources:
vpc:
type: cloudamqp:Vpc
properties:
name: Standalone VPC
region: google-compute-engine::us-west1
subnet: 10.56.72.0/24
tags: []
instance:
type: cloudamqp:Instance
properties:
name: Instance 01
plan: bunny-1
region: google-compute-engine::us-west1
tags: []
vpcId: ${vpc.id}
keepAssociatedVpc: true
vpcConnect:
type: cloudamqp:VpcConnect
name: vpc_connect
properties:
instanceId: ${instance.id}
region: ${instance.region}
allowedProjects:
- some-project-123456
With Additional Firewall Rules
CloudAMQP instance in an existing VPC with managed firewall rules
import * as pulumi from "@pulumi/pulumi";
import * as cloudamqp from "@pulumi/cloudamqp";
const vpc = new cloudamqp.Vpc("vpc", {
name: "Standalone VPC",
region: "amazon-web-services::us-west-1",
subnet: "10.56.72.0/24",
tags: [],
});
const instance = new cloudamqp.Instance("instance", {
name: "Instance 01",
plan: "bunny-1",
region: "amazon-web-services::us-west-1",
tags: [],
vpcId: vpc.id,
keepAssociatedVpc: true,
});
const vpcConnect = new cloudamqp.VpcConnect("vpc_connect", {
instanceId: instance.id,
allowedPrincipals: ["arn:aws:iam::aws-account-id:user/user-name"],
});
const firewallSettings = new cloudamqp.SecurityFirewall("firewall_settings", {
instanceId: instance.id,
rules: [
{
description: "Custom PrivateLink setup",
ip: vpc.subnet,
ports: [],
services: [
"AMQP",
"AMQPS",
"HTTPS",
"STREAM",
"STREAM_SSL",
],
},
{
description: "MGMT interface",
ip: "0.0.0.0/0",
ports: [],
services: ["HTTPS"],
},
],
}, {
dependsOn: [vpcConnect],
});
import pulumi
import pulumi_cloudamqp as cloudamqp
vpc = cloudamqp.Vpc("vpc",
name="Standalone VPC",
region="amazon-web-services::us-west-1",
subnet="10.56.72.0/24",
tags=[])
instance = cloudamqp.Instance("instance",
name="Instance 01",
plan="bunny-1",
region="amazon-web-services::us-west-1",
tags=[],
vpc_id=vpc.id,
keep_associated_vpc=True)
vpc_connect = cloudamqp.VpcConnect("vpc_connect",
instance_id=instance.id,
allowed_principals=["arn:aws:iam::aws-account-id:user/user-name"])
firewall_settings = cloudamqp.SecurityFirewall("firewall_settings",
instance_id=instance.id,
rules=[
cloudamqp.SecurityFirewallRuleArgs(
description="Custom PrivateLink setup",
ip=vpc.subnet,
ports=[],
services=[
"AMQP",
"AMQPS",
"HTTPS",
"STREAM",
"STREAM_SSL",
],
),
cloudamqp.SecurityFirewallRuleArgs(
description="MGMT interface",
ip="0.0.0.0/0",
ports=[],
services=["HTTPS"],
),
],
opts=pulumi.ResourceOptions(depends_on=[vpc_connect]))
package main
import (
"github.com/pulumi/pulumi-cloudamqp/sdk/v3/go/cloudamqp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
vpc, err := cloudamqp.NewVpc(ctx, "vpc", &cloudamqp.VpcArgs{
Name: pulumi.String("Standalone VPC"),
Region: pulumi.String("amazon-web-services::us-west-1"),
Subnet: pulumi.String("10.56.72.0/24"),
Tags: pulumi.StringArray{},
})
if err != nil {
return err
}
instance, err := cloudamqp.NewInstance(ctx, "instance", &cloudamqp.InstanceArgs{
Name: pulumi.String("Instance 01"),
Plan: pulumi.String("bunny-1"),
Region: pulumi.String("amazon-web-services::us-west-1"),
Tags: pulumi.StringArray{},
VpcId: vpc.ID(),
KeepAssociatedVpc: pulumi.Bool(true),
})
if err != nil {
return err
}
vpcConnect, err := cloudamqp.NewVpcConnect(ctx, "vpc_connect", &cloudamqp.VpcConnectArgs{
InstanceId: instance.ID(),
AllowedPrincipals: pulumi.StringArray{
pulumi.String("arn:aws:iam::aws-account-id:user/user-name"),
},
})
if err != nil {
return err
}
_, err = cloudamqp.NewSecurityFirewall(ctx, "firewall_settings", &cloudamqp.SecurityFirewallArgs{
InstanceId: instance.ID(),
Rules: cloudamqp.SecurityFirewallRuleArray{
&cloudamqp.SecurityFirewallRuleArgs{
Description: pulumi.String("Custom PrivateLink setup"),
Ip: vpc.Subnet,
Ports: pulumi.IntArray{},
Services: pulumi.StringArray{
pulumi.String("AMQP"),
pulumi.String("AMQPS"),
pulumi.String("HTTPS"),
pulumi.String("STREAM"),
pulumi.String("STREAM_SSL"),
},
},
&cloudamqp.SecurityFirewallRuleArgs{
Description: pulumi.String("MGMT interface"),
Ip: pulumi.String("0.0.0.0/0"),
Ports: pulumi.IntArray{},
Services: pulumi.StringArray{
pulumi.String("HTTPS"),
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
vpcConnect,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CloudAmqp = Pulumi.CloudAmqp;
return await Deployment.RunAsync(() =>
{
var vpc = new CloudAmqp.Vpc("vpc", new()
{
Name = "Standalone VPC",
Region = "amazon-web-services::us-west-1",
Subnet = "10.56.72.0/24",
Tags = new[] {},
});
var instance = new CloudAmqp.Instance("instance", new()
{
Name = "Instance 01",
Plan = "bunny-1",
Region = "amazon-web-services::us-west-1",
Tags = new[] {},
VpcId = vpc.Id,
KeepAssociatedVpc = true,
});
var vpcConnect = new CloudAmqp.VpcConnect("vpc_connect", new()
{
InstanceId = instance.Id,
AllowedPrincipals = new[]
{
"arn:aws:iam::aws-account-id:user/user-name",
},
});
var firewallSettings = new CloudAmqp.SecurityFirewall("firewall_settings", new()
{
InstanceId = instance.Id,
Rules = new[]
{
new CloudAmqp.Inputs.SecurityFirewallRuleArgs
{
Description = "Custom PrivateLink setup",
Ip = vpc.Subnet,
Ports = new() { },
Services = new[]
{
"AMQP",
"AMQPS",
"HTTPS",
"STREAM",
"STREAM_SSL",
},
},
new CloudAmqp.Inputs.SecurityFirewallRuleArgs
{
Description = "MGMT interface",
Ip = "0.0.0.0/0",
Ports = new() { },
Services = new[]
{
"HTTPS",
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
vpcConnect,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudamqp.Vpc;
import com.pulumi.cloudamqp.VpcArgs;
import com.pulumi.cloudamqp.Instance;
import com.pulumi.cloudamqp.InstanceArgs;
import com.pulumi.cloudamqp.VpcConnect;
import com.pulumi.cloudamqp.VpcConnectArgs;
import com.pulumi.cloudamqp.SecurityFirewall;
import com.pulumi.cloudamqp.SecurityFirewallArgs;
import com.pulumi.cloudamqp.inputs.SecurityFirewallRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var vpc = new Vpc("vpc", VpcArgs.builder()
.name("Standalone VPC")
.region("amazon-web-services::us-west-1")
.subnet("10.56.72.0/24")
.tags()
.build());
var instance = new Instance("instance", InstanceArgs.builder()
.name("Instance 01")
.plan("bunny-1")
.region("amazon-web-services::us-west-1")
.tags()
.vpcId(vpc.id())
.keepAssociatedVpc(true)
.build());
var vpcConnect = new VpcConnect("vpcConnect", VpcConnectArgs.builder()
.instanceId(instance.id())
.allowedPrincipals("arn:aws:iam::aws-account-id:user/user-name")
.build());
var firewallSettings = new SecurityFirewall("firewallSettings", SecurityFirewallArgs.builder()
.instanceId(instance.id())
.rules(
SecurityFirewallRuleArgs.builder()
.description("Custom PrivateLink setup")
.ip(vpc.subnet())
.ports()
.services(
"AMQP",
"AMQPS",
"HTTPS",
"STREAM",
"STREAM_SSL")
.build(),
SecurityFirewallRuleArgs.builder()
.description("MGMT interface")
.ip("0.0.0.0/0")
.ports()
.services("HTTPS")
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(vpcConnect)
.build());
}
}
resources:
vpc:
type: cloudamqp:Vpc
properties:
name: Standalone VPC
region: amazon-web-services::us-west-1
subnet: 10.56.72.0/24
tags: []
instance:
type: cloudamqp:Instance
properties:
name: Instance 01
plan: bunny-1
region: amazon-web-services::us-west-1
tags: []
vpcId: ${vpc.id}
keepAssociatedVpc: true
vpcConnect:
type: cloudamqp:VpcConnect
name: vpc_connect
properties:
instanceId: ${instance.id}
allowedPrincipals:
- arn:aws:iam::aws-account-id:user/user-name
firewallSettings:
type: cloudamqp:SecurityFirewall
name: firewall_settings
properties:
instanceId: ${instance.id}
rules:
- description: Custom PrivateLink setup
ip: ${vpc.subnet}
ports: []
services:
- AMQP
- AMQPS
- HTTPS
- STREAM
- STREAM_SSL
- description: MGMT interface
ip: 0.0.0.0/0
ports: []
services:
- HTTPS
options:
dependson:
- ${vpcConnect}
Depedency
This resource depends on CloudAMQP instance identifier, cloudamqp_instance.instance.id.
Since region also is required, suggest to reuse the argument from CloudAMQP instance,
cloudamqp_instance.instance.region.
Create VPC Connect with additional firewall rules
To create a PrivateLink/Private Service Connect configuration with additional firewall rules, it’s required to chain the cloudamqp.SecurityFirewall
resource to avoid parallel conflicting resource calls. You can do this by making the firewall
resource depend on the VPC Connect resource, cloudamqp_vpc_connect.vpc_connect.
Furthermore, since all firewall rules are overwritten, the otherwise automatically added rules for the VPC Connect also needs to be added.
Create VpcConnect Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpcConnect(name: string, args: VpcConnectArgs, opts?: CustomResourceOptions);@overload
def VpcConnect(resource_name: str,
args: VpcConnectArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpcConnect(resource_name: str,
opts: Optional[ResourceOptions] = None,
instance_id: Optional[int] = None,
region: Optional[str] = None,
allowed_principals: Optional[Sequence[str]] = None,
allowed_projects: Optional[Sequence[str]] = None,
approved_subscriptions: Optional[Sequence[str]] = None,
sleep: Optional[int] = None,
timeout: Optional[int] = None)func NewVpcConnect(ctx *Context, name string, args VpcConnectArgs, opts ...ResourceOption) (*VpcConnect, error)public VpcConnect(string name, VpcConnectArgs args, CustomResourceOptions? opts = null)
public VpcConnect(String name, VpcConnectArgs args)
public VpcConnect(String name, VpcConnectArgs args, CustomResourceOptions options)
type: cloudamqp:VpcConnect
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpcConnectArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpcConnectArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpcConnectArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpcConnectArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpcConnectArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpcConnectResource = new CloudAmqp.VpcConnect("vpcConnectResource", new()
{
InstanceId = 0,
Region = "string",
AllowedPrincipals = new[]
{
"string",
},
AllowedProjects = new[]
{
"string",
},
ApprovedSubscriptions = new[]
{
"string",
},
Sleep = 0,
Timeout = 0,
});
example, err := cloudamqp.NewVpcConnect(ctx, "vpcConnectResource", &cloudamqp.VpcConnectArgs{
InstanceId: pulumi.Int(0),
Region: pulumi.String("string"),
AllowedPrincipals: pulumi.StringArray{
pulumi.String("string"),
},
AllowedProjects: pulumi.StringArray{
pulumi.String("string"),
},
ApprovedSubscriptions: pulumi.StringArray{
pulumi.String("string"),
},
Sleep: pulumi.Int(0),
Timeout: pulumi.Int(0),
})
var vpcConnectResource = new VpcConnect("vpcConnectResource", VpcConnectArgs.builder()
.instanceId(0)
.region("string")
.allowedPrincipals("string")
.allowedProjects("string")
.approvedSubscriptions("string")
.sleep(0)
.timeout(0)
.build());
vpc_connect_resource = cloudamqp.VpcConnect("vpcConnectResource",
instance_id=0,
region="string",
allowed_principals=["string"],
allowed_projects=["string"],
approved_subscriptions=["string"],
sleep=0,
timeout=0)
const vpcConnectResource = new cloudamqp.VpcConnect("vpcConnectResource", {
instanceId: 0,
region: "string",
allowedPrincipals: ["string"],
allowedProjects: ["string"],
approvedSubscriptions: ["string"],
sleep: 0,
timeout: 0,
});
type: cloudamqp:VpcConnect
properties:
allowedPrincipals:
- string
allowedProjects:
- string
approvedSubscriptions:
- string
instanceId: 0
region: string
sleep: 0
timeout: 0
VpcConnect Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The VpcConnect resource accepts the following input properties:
- Instance
Id int - The CloudAMQP instance identifier.
- Region string
- The region where the CloudAMQP instance is hosted.
- Allowed
Principals List<string> - List of allowed prinicpals used by AWS, see below table.
- Allowed
Projects List<string> - List of allowed projects used by GCP, see below table.
- Approved
Subscriptions List<string> - List of approved subscriptions used by Azure, see below table.
- Sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- Timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- Instance
Id int - The CloudAMQP instance identifier.
- Region string
- The region where the CloudAMQP instance is hosted.
- Allowed
Principals []string - List of allowed prinicpals used by AWS, see below table.
- Allowed
Projects []string - List of allowed projects used by GCP, see below table.
- Approved
Subscriptions []string - List of approved subscriptions used by Azure, see below table.
- Sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- Timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- instance
Id Integer - The CloudAMQP instance identifier.
- region String
- The region where the CloudAMQP instance is hosted.
- allowed
Principals List<String> - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects List<String> - List of allowed projects used by GCP, see below table.
- approved
Subscriptions List<String> - List of approved subscriptions used by Azure, see below table.
- sleep Integer
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- timeout Integer
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- instance
Id number - The CloudAMQP instance identifier.
- region string
- The region where the CloudAMQP instance is hosted.
- allowed
Principals string[] - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects string[] - List of allowed projects used by GCP, see below table.
- approved
Subscriptions string[] - List of approved subscriptions used by Azure, see below table.
- sleep number
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- timeout number
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- instance_
id int - The CloudAMQP instance identifier.
- region str
- The region where the CloudAMQP instance is hosted.
- allowed_
principals Sequence[str] - List of allowed prinicpals used by AWS, see below table.
- allowed_
projects Sequence[str] - List of allowed projects used by GCP, see below table.
- approved_
subscriptions Sequence[str] - List of approved subscriptions used by Azure, see below table.
- sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- instance
Id Number - The CloudAMQP instance identifier.
- region String
- The region where the CloudAMQP instance is hosted.
- allowed
Principals List<String> - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects List<String> - List of allowed projects used by GCP, see below table.
- approved
Subscriptions List<String> - List of approved subscriptions used by Azure, see below table.
- sleep Number
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- timeout Number
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
Outputs
All input properties are implicitly available as output properties. Additionally, the VpcConnect resource produces the following output properties:
- Active
Zones List<string> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- Id string
- The provider-assigned unique ID for this managed resource.
- Service
Name string - Service name (alias for Azure) of the PrivateLink.
- Status string
- Private Service Connect status [enable, pending, disable]
- Active
Zones []string - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- Id string
- The provider-assigned unique ID for this managed resource.
- Service
Name string - Service name (alias for Azure) of the PrivateLink.
- Status string
- Private Service Connect status [enable, pending, disable]
- active
Zones List<String> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- id String
- The provider-assigned unique ID for this managed resource.
- service
Name String - Service name (alias for Azure) of the PrivateLink.
- status String
- Private Service Connect status [enable, pending, disable]
- active
Zones string[] - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- id string
- The provider-assigned unique ID for this managed resource.
- service
Name string - Service name (alias for Azure) of the PrivateLink.
- status string
- Private Service Connect status [enable, pending, disable]
- active_
zones Sequence[str] - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- id str
- The provider-assigned unique ID for this managed resource.
- service_
name str - Service name (alias for Azure) of the PrivateLink.
- status str
- Private Service Connect status [enable, pending, disable]
- active
Zones List<String> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- id String
- The provider-assigned unique ID for this managed resource.
- service
Name String - Service name (alias for Azure) of the PrivateLink.
- status String
- Private Service Connect status [enable, pending, disable]
Look up Existing VpcConnect Resource
Get an existing VpcConnect resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpcConnectState, opts?: CustomResourceOptions): VpcConnect@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active_zones: Optional[Sequence[str]] = None,
allowed_principals: Optional[Sequence[str]] = None,
allowed_projects: Optional[Sequence[str]] = None,
approved_subscriptions: Optional[Sequence[str]] = None,
instance_id: Optional[int] = None,
region: Optional[str] = None,
service_name: Optional[str] = None,
sleep: Optional[int] = None,
status: Optional[str] = None,
timeout: Optional[int] = None) -> VpcConnectfunc GetVpcConnect(ctx *Context, name string, id IDInput, state *VpcConnectState, opts ...ResourceOption) (*VpcConnect, error)public static VpcConnect Get(string name, Input<string> id, VpcConnectState? state, CustomResourceOptions? opts = null)public static VpcConnect get(String name, Output<String> id, VpcConnectState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active
Zones List<string> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- Allowed
Principals List<string> - List of allowed prinicpals used by AWS, see below table.
- Allowed
Projects List<string> - List of allowed projects used by GCP, see below table.
- Approved
Subscriptions List<string> - List of approved subscriptions used by Azure, see below table.
- Instance
Id int - The CloudAMQP instance identifier.
- Region string
- The region where the CloudAMQP instance is hosted.
- Service
Name string - Service name (alias for Azure) of the PrivateLink.
- Sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- Status string
- Private Service Connect status [enable, pending, disable]
- Timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- Active
Zones []string - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- Allowed
Principals []string - List of allowed prinicpals used by AWS, see below table.
- Allowed
Projects []string - List of allowed projects used by GCP, see below table.
- Approved
Subscriptions []string - List of approved subscriptions used by Azure, see below table.
- Instance
Id int - The CloudAMQP instance identifier.
- Region string
- The region where the CloudAMQP instance is hosted.
- Service
Name string - Service name (alias for Azure) of the PrivateLink.
- Sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- Status string
- Private Service Connect status [enable, pending, disable]
- Timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- active
Zones List<String> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- allowed
Principals List<String> - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects List<String> - List of allowed projects used by GCP, see below table.
- approved
Subscriptions List<String> - List of approved subscriptions used by Azure, see below table.
- instance
Id Integer - The CloudAMQP instance identifier.
- region String
- The region where the CloudAMQP instance is hosted.
- service
Name String - Service name (alias for Azure) of the PrivateLink.
- sleep Integer
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- status String
- Private Service Connect status [enable, pending, disable]
- timeout Integer
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- active
Zones string[] - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- allowed
Principals string[] - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects string[] - List of allowed projects used by GCP, see below table.
- approved
Subscriptions string[] - List of approved subscriptions used by Azure, see below table.
- instance
Id number - The CloudAMQP instance identifier.
- region string
- The region where the CloudAMQP instance is hosted.
- service
Name string - Service name (alias for Azure) of the PrivateLink.
- sleep number
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- status string
- Private Service Connect status [enable, pending, disable]
- timeout number
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- active_
zones Sequence[str] - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- allowed_
principals Sequence[str] - List of allowed prinicpals used by AWS, see below table.
- allowed_
projects Sequence[str] - List of allowed projects used by GCP, see below table.
- approved_
subscriptions Sequence[str] - List of approved subscriptions used by Azure, see below table.
- instance_
id int - The CloudAMQP instance identifier.
- region str
- The region where the CloudAMQP instance is hosted.
- service_
name str - Service name (alias for Azure) of the PrivateLink.
- sleep int
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- status str
- Private Service Connect status [enable, pending, disable]
- timeout int
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
- active
Zones List<String> - Covering availability zones used when creating an endpoint from other VPC. (AWS)
- allowed
Principals List<String> - List of allowed prinicpals used by AWS, see below table.
- allowed
Projects List<String> - List of allowed projects used by GCP, see below table.
- approved
Subscriptions List<String> - List of approved subscriptions used by Azure, see below table.
- instance
Id Number - The CloudAMQP instance identifier.
- region String
- The region where the CloudAMQP instance is hosted.
- service
Name String - Service name (alias for Azure) of the PrivateLink.
- sleep Number
- Configurable sleep time (seconds) when enable Private Service Connect. Default set to 10 seconds.
- status String
- Private Service Connect status [enable, pending, disable]
- timeout Number
Configurable timeout time (seconds) when enable Private Service Connect. Default set to 1800 seconds.
The
allowed_principals,approved_subscriptionsorallowed_projectsdata depends on the provider platform:| Platform | Description | Format | |----------|---------------------|------------------------------------------------------------------------------------------------------------------------------------| | AWS | IAM ARN principals | arn:aws:iam::aws-account-id:root arn:aws:iam::aws-account-id:user/user-name arn:aws:iam::aws-account-id:role/role-name | | Azure | Subscription (GUID) | XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX | | GCP | Project IDs* | 6 to 30 lowercase letters, digits, or hyphens |
*https://cloud.google.com/resource-manager/reference/rest/v1/projects
Import
cloudamqp_vpc_connect can be imported using CloudAMQP internal identifier.
$ pulumi import cloudamqp:index/vpcConnect:VpcConnect vpc_connect <id>`
The resource uses the same identifier as the CloudAMQP instance. To retrieve the identifier for an instance, either use CloudAMQP customer API or use the data source cloudamqp_account.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- CloudAMQP pulumi/pulumi-cloudamqp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudamqpTerraform Provider.