Docs Home
AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi
aws.ec2.getVpcEndpoint
Explore with Pulumi AI
The VPC Endpoint data source provides details about a specific VPC endpoint.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Declare the data source
const s3 = aws.ec2.getVpcEndpoint({
vpcId: foo.id,
serviceName: "com.amazonaws.us-west-2.s3",
});
const privateS3 = new aws.ec2.VpcEndpointRouteTableAssociation("private_s3", {
vpcEndpointId: s3.then(s3 => s3.id),
routeTableId: _private.id,
});
import pulumi
import pulumi_aws as aws
# Declare the data source
s3 = aws.ec2.get_vpc_endpoint(vpc_id=foo["id"],
service_name="com.amazonaws.us-west-2.s3")
private_s3 = aws.ec2.VpcEndpointRouteTableAssociation("private_s3",
vpc_endpoint_id=s3.id,
route_table_id=private["id"])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Declare the data source
s3, err := ec2.LookupVpcEndpoint(ctx, &ec2.LookupVpcEndpointArgs{
VpcId: pulumi.StringRef(foo.Id),
ServiceName: pulumi.StringRef("com.amazonaws.us-west-2.s3"),
}, nil)
if err != nil {
return err
}
_, err = ec2.NewVpcEndpointRouteTableAssociation(ctx, "private_s3", &ec2.VpcEndpointRouteTableAssociationArgs{
VpcEndpointId: pulumi.String(s3.Id),
RouteTableId: pulumi.Any(private.Id),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// Declare the data source
var s3 = Aws.Ec2.GetVpcEndpoint.Invoke(new()
{
VpcId = foo.Id,
ServiceName = "com.amazonaws.us-west-2.s3",
});
var privateS3 = new Aws.Ec2.VpcEndpointRouteTableAssociation("private_s3", new()
{
VpcEndpointId = s3.Apply(getVpcEndpointResult => getVpcEndpointResult.Id),
RouteTableId = @private.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetVpcEndpointArgs;
import com.pulumi.aws.ec2.VpcEndpointRouteTableAssociation;
import com.pulumi.aws.ec2.VpcEndpointRouteTableAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Declare the data source
final var s3 = Ec2Functions.getVpcEndpoint(GetVpcEndpointArgs.builder()
.vpcId(foo.id())
.serviceName("com.amazonaws.us-west-2.s3")
.build());
var privateS3 = new VpcEndpointRouteTableAssociation("privateS3", VpcEndpointRouteTableAssociationArgs.builder()
.vpcEndpointId(s3.applyValue(getVpcEndpointResult -> getVpcEndpointResult.id()))
.routeTableId(private_.id())
.build());
}
}
resources:
privateS3:
type: aws:ec2:VpcEndpointRouteTableAssociation
name: private_s3
properties:
vpcEndpointId: ${s3.id}
routeTableId: ${private.id}
variables:
# Declare the data source
s3:
fn::invoke:
function: aws:ec2:getVpcEndpoint
arguments:
vpcId: ${foo.id}
serviceName: com.amazonaws.us-west-2.s3
Using getVpcEndpoint
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getVpcEndpoint(args: GetVpcEndpointArgs, opts?: InvokeOptions): Promise<GetVpcEndpointResult>
function getVpcEndpointOutput(args: GetVpcEndpointOutputArgs, opts?: InvokeOptions): Output<GetVpcEndpointResult>def get_vpc_endpoint(filters: Optional[Sequence[GetVpcEndpointFilter]] = None,
id: Optional[str] = None,
service_name: Optional[str] = None,
state: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
vpc_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetVpcEndpointResult
def get_vpc_endpoint_output(filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetVpcEndpointFilterArgs]]]] = None,
id: Optional[pulumi.Input[str]] = None,
service_name: Optional[pulumi.Input[str]] = None,
state: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
vpc_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetVpcEndpointResult]func LookupVpcEndpoint(ctx *Context, args *LookupVpcEndpointArgs, opts ...InvokeOption) (*LookupVpcEndpointResult, error)
func LookupVpcEndpointOutput(ctx *Context, args *LookupVpcEndpointOutputArgs, opts ...InvokeOption) LookupVpcEndpointResultOutput> Note: This function is named LookupVpcEndpoint in the Go SDK.
public static class GetVpcEndpoint
{
public static Task<GetVpcEndpointResult> InvokeAsync(GetVpcEndpointArgs args, InvokeOptions? opts = null)
public static Output<GetVpcEndpointResult> Invoke(GetVpcEndpointInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetVpcEndpointResult> getVpcEndpoint(GetVpcEndpointArgs args, InvokeOptions options)
public static Output<GetVpcEndpointResult> getVpcEndpoint(GetVpcEndpointArgs args, InvokeOptions options)
fn::invoke:
function: aws:ec2/getVpcEndpoint:getVpcEndpoint
arguments:
# arguments dictionaryThe following arguments are supported:
- Filters
List<Get
Vpc Endpoint Filter> - Custom filter block as described below.
- Id string
- ID of the specific VPC Endpoint to retrieve.
- Service
Name string - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - State string
- State of the specific VPC Endpoint to retrieve.
- Dictionary<string, string>
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- Vpc
Id string ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
- Filters
[]Get
Vpc Endpoint Filter - Custom filter block as described below.
- Id string
- ID of the specific VPC Endpoint to retrieve.
- Service
Name string - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - State string
- State of the specific VPC Endpoint to retrieve.
- map[string]string
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- Vpc
Id string ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
- filters
List<Get
Vpc Endpoint Filter> - Custom filter block as described below.
- id String
- ID of the specific VPC Endpoint to retrieve.
- service
Name String - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - state String
- State of the specific VPC Endpoint to retrieve.
- Map<String,String>
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- vpc
Id String ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
- filters
Get
Vpc Endpoint Filter[] - Custom filter block as described below.
- id string
- ID of the specific VPC Endpoint to retrieve.
- service
Name string - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - state string
- State of the specific VPC Endpoint to retrieve.
- {[key: string]: string}
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- vpc
Id string ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
- filters
Sequence[Get
Vpc Endpoint Filter] - Custom filter block as described below.
- id str
- ID of the specific VPC Endpoint to retrieve.
- service_
name str - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - state str
- State of the specific VPC Endpoint to retrieve.
- Mapping[str, str]
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- vpc_
id str ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
- filters List<Property Map>
- Custom filter block as described below.
- id String
- ID of the specific VPC Endpoint to retrieve.
- service
Name String - Service name of the specific VPC Endpoint to retrieve. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>(the SageMaker AI Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook). - state String
- State of the specific VPC Endpoint to retrieve.
- Map<String>
- Map of tags, each pair of which must exactly match a pair on the specific VPC Endpoint to retrieve.
- vpc
Id String ID of the VPC in which the specific VPC Endpoint is used.
More complex filters can be expressed using one or more
filtersub-blocks, which take the following arguments:
getVpcEndpoint Result
The following output properties are available:
- Arn string
- ARN of the VPC endpoint.
- Cidr
Blocks List<string> - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - Dns
Entries List<GetVpc Endpoint Dns Entry> - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - Dns
Options List<GetVpc Endpoint Dns Option> - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- Id string
- Ip
Address stringType - Network
Interface List<string>Ids - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - Owner
Id string - ID of the AWS account that owns the VPC endpoint.
- Policy string
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - Prefix
List stringId - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - Private
Dns boolEnabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - Requester
Managed bool - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - Route
Table List<string>Ids - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - Security
Group List<string>Ids - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - Service
Name string - State string
- Subnet
Ids List<string> - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - Dictionary<string, string>
- Vpc
Endpoint stringType - VPC Endpoint type,
GatewayorInterface. - Vpc
Id string - Filters
List<Get
Vpc Endpoint Filter>
- Arn string
- ARN of the VPC endpoint.
- Cidr
Blocks []string - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - Dns
Entries []GetVpc Endpoint Dns Entry - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - Dns
Options []GetVpc Endpoint Dns Option - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- Id string
- Ip
Address stringType - Network
Interface []stringIds - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - Owner
Id string - ID of the AWS account that owns the VPC endpoint.
- Policy string
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - Prefix
List stringId - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - Private
Dns boolEnabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - Requester
Managed bool - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - Route
Table []stringIds - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - Security
Group []stringIds - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - Service
Name string - State string
- Subnet
Ids []string - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - map[string]string
- Vpc
Endpoint stringType - VPC Endpoint type,
GatewayorInterface. - Vpc
Id string - Filters
[]Get
Vpc Endpoint Filter
- arn String
- ARN of the VPC endpoint.
- cidr
Blocks List<String> - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - dns
Entries List<GetVpc Endpoint Dns Entry> - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - dns
Options List<GetVpc Endpoint Dns Option> - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- id String
- ip
Address StringType - network
Interface List<String>Ids - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - owner
Id String - ID of the AWS account that owns the VPC endpoint.
- policy String
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - prefix
List StringId - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - private
Dns BooleanEnabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - requester
Managed Boolean - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - route
Table List<String>Ids - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - security
Group List<String>Ids - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - service
Name String - state String
- subnet
Ids List<String> - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - Map<String,String>
- vpc
Endpoint StringType - VPC Endpoint type,
GatewayorInterface. - vpc
Id String - filters
List<Get
Vpc Endpoint Filter>
- arn string
- ARN of the VPC endpoint.
- cidr
Blocks string[] - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - dns
Entries GetVpc Endpoint Dns Entry[] - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - dns
Options GetVpc Endpoint Dns Option[] - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- id string
- ip
Address stringType - network
Interface string[]Ids - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - owner
Id string - ID of the AWS account that owns the VPC endpoint.
- policy string
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - prefix
List stringId - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - private
Dns booleanEnabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - requester
Managed boolean - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - route
Table string[]Ids - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - security
Group string[]Ids - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - service
Name string - state string
- subnet
Ids string[] - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - {[key: string]: string}
- vpc
Endpoint stringType - VPC Endpoint type,
GatewayorInterface. - vpc
Id string - filters
Get
Vpc Endpoint Filter[]
- arn str
- ARN of the VPC endpoint.
- cidr_
blocks Sequence[str] - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - dns_
entries Sequence[GetVpc Endpoint Dns Entry] - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - dns_
options Sequence[GetVpc Endpoint Dns Option] - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- id str
- ip_
address_ strtype - network_
interface_ Sequence[str]ids - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - owner_
id str - ID of the AWS account that owns the VPC endpoint.
- policy str
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - prefix_
list_ strid - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - private_
dns_ boolenabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - requester_
managed bool - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - route_
table_ Sequence[str]ids - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - security_
group_ Sequence[str]ids - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - service_
name str - state str
- subnet_
ids Sequence[str] - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - Mapping[str, str]
- vpc_
endpoint_ strtype - VPC Endpoint type,
GatewayorInterface. - vpc_
id str - filters
Sequence[Get
Vpc Endpoint Filter]
- arn String
- ARN of the VPC endpoint.
- cidr
Blocks List<String> - List of CIDR blocks for the exposed AWS service. Applicable for endpoints of type
Gateway. - dns
Entries List<Property Map> - DNS entries for the VPC Endpoint. Applicable for endpoints of type
Interface. DNS entry blocks are documented below. - dns
Options List<Property Map> - DNS options for the VPC Endpoint. DNS options blocks are documented below.
- id String
- ip
Address StringType - network
Interface List<String>Ids - One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type
Interface. - owner
Id String - ID of the AWS account that owns the VPC endpoint.
- policy String
- Policy document associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - prefix
List StringId - Prefix list ID of the exposed AWS service. Applicable for endpoints of type
Gateway. - private
Dns BooleanEnabled - Whether or not the VPC is associated with a private hosted zone -
trueorfalse. Applicable for endpoints of typeInterface. - requester
Managed Boolean - Whether or not the VPC Endpoint is being managed by its service -
trueorfalse. - route
Table List<String>Ids - One or more route tables associated with the VPC Endpoint. Applicable for endpoints of type
Gateway. - security
Group List<String>Ids - One or more security groups associated with the network interfaces. Applicable for endpoints of type
Interface. - service
Name String - state String
- subnet
Ids List<String> - One or more subnets in which the VPC Endpoint is located. Applicable for endpoints of type
Interface. - Map<String>
- vpc
Endpoint StringType - VPC Endpoint type,
GatewayorInterface. - vpc
Id String - filters List<Property Map>
Supporting Types
GetVpcEndpointDnsEntry
- Dns
Name string - DNS name.
- Hosted
Zone stringId - ID of the private hosted zone.
- Dns
Name string - DNS name.
- Hosted
Zone stringId - ID of the private hosted zone.
- dns
Name String - DNS name.
- hosted
Zone StringId - ID of the private hosted zone.
- dns
Name string - DNS name.
- hosted
Zone stringId - ID of the private hosted zone.
- dns_
name str - DNS name.
- hosted_
zone_ strid - ID of the private hosted zone.
- dns
Name String - DNS name.
- hosted
Zone StringId - ID of the private hosted zone.
GetVpcEndpointDnsOption
- Dns
Record stringIp Type - The DNS records created for the endpoint.
- Private
Dns boolOnly For Inbound Resolver Endpoint - Indicates whether to enable private DNS only for inbound endpoints.
- Dns
Record stringIp Type - The DNS records created for the endpoint.
- Private
Dns boolOnly For Inbound Resolver Endpoint - Indicates whether to enable private DNS only for inbound endpoints.
- dns
Record StringIp Type - The DNS records created for the endpoint.
- private
Dns BooleanOnly For Inbound Resolver Endpoint - Indicates whether to enable private DNS only for inbound endpoints.
- dns
Record stringIp Type - The DNS records created for the endpoint.
- private
Dns booleanOnly For Inbound Resolver Endpoint - Indicates whether to enable private DNS only for inbound endpoints.
- dns_
record_ strip_ type - The DNS records created for the endpoint.
- private_
dns_ boolonly_ for_ inbound_ resolver_ endpoint - Indicates whether to enable private DNS only for inbound endpoints.
- dns
Record StringIp Type - The DNS records created for the endpoint.
- private
Dns BooleanOnly For Inbound Resolver Endpoint - Indicates whether to enable private DNS only for inbound endpoints.
GetVpcEndpointFilter
- Name string
- Name of the field to filter by, as defined by the underlying AWS API.
- Values List<string>
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
- Name string
- Name of the field to filter by, as defined by the underlying AWS API.
- Values []string
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
- name String
- Name of the field to filter by, as defined by the underlying AWS API.
- values List<String>
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
- name string
- Name of the field to filter by, as defined by the underlying AWS API.
- values string[]
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
- name str
- Name of the field to filter by, as defined by the underlying AWS API.
- values Sequence[str]
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
- name String
- Name of the field to filter by, as defined by the underlying AWS API.
- values List<String>
- Set of values that are accepted for the given field. A VPC Endpoint will be selected if any one of the given values matches.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.