pulumi_wasm_providers_aws_mini::ec2

Module vpc_ipam_pool_cidr


Provisions a CIDR from an IPAM address pool.

NOTE: Provisioning Public IPv4 or Public IPv6 CIDRs requires steps outside the scope of this resource. The resource accepts message and signature as part of the cidr_authorization_context attribute, but those must be generated ahead of time. Public IPv6 CIDRs that are provisioned into a Pool with publicly_advertisable = true, and all public IPv4 CIDRs, also require creating a Route Origin Authorization (ROA) object in your Regional Internet Registry (RIR).

NOTE: In order to deprovision CIDRs, all Allocations must be released. Allocations created by a VPC take up to 30 minutes to be released. However, for IPAM to properly manage the removal of allocation records created by VPCs and other resources, you must grant it permissions in either a single account or organizationally. If you are unable to deprovision a CIDR after waiting over 30 minutes, you may be missing the Service Linked Role.

§Example Usage

Basic usage:

resources:
  example:
    type: aws:ec2:VpcIpam
    properties:
      operatingRegions:
        - regionName: ${current.name}
  exampleVpcIpamPool:
    type: aws:ec2:VpcIpamPool
    name: example
    properties:
      addressFamily: ipv4
      ipamScopeId: ${example.privateDefaultScopeId}
      locale: ${current.name}
  exampleVpcIpamPoolCidr:
    type: aws:ec2:VpcIpamPoolCidr
    name: example
    properties:
      ipamPoolId: ${exampleVpcIpamPool.id}
      cidr: 172.20.0.0/16
variables:
  current:
    fn::invoke:
      function: aws:getRegion
      arguments: {}

Provision Public IPv6 Pool CIDRs:

resources:
  example:
    type: aws:ec2:VpcIpam
    properties:
      operatingRegions:
        - regionName: ${current.name}
  ipv6TestPublic:
    type: aws:ec2:VpcIpamPool
    name: ipv6_test_public
    properties:
      addressFamily: ipv6
      ipamScopeId: ${example.publicDefaultScopeId}
      locale: us-east-1
      description: public ipv6
      publiclyAdvertisable: false
      publicIpSource: amazon
      awsService: ec2
  ipv6TestPublicVpcIpamPoolCidr:
    type: aws:ec2:VpcIpamPoolCidr
    name: ipv6_test_public
    properties:
      ipamPoolId: ${ipv6TestPublic.id}
      netmaskLength: 52
variables:
  current:
    fn::invoke:
      function: aws:getRegion
      arguments: {}

§Import

Using pulumi import, import IPAM pool CIDRs using an ID of the form <cidr>_<ipam-pool-id>. For example:

NOTE: Do not use the IPAM Pool Cidr ID as this was introduced after the resource already existed.

$ pulumi import aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr example 172.20.0.0/24_ipam-pool-0e634f5a1517cccdc
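
A pre-flight check for the import ID format described above, added here as an example (it is not part of the provider or of Pulumi). It rejects an IPAM Pool Cidr ID passed by mistake and a CIDR with host bits set before anything reaches pulumi import. The ID shapes ipam-pool-<hex> and ipam-pool-cidr-<hex> and the helper names are assumptions.

```python
import ipaddress
import re

# Assumed ID shapes (not stated on the page): pool IDs look like
# "ipam-pool-<hex>", pool CIDR IDs look like "ipam-pool-cidr-<hex>".
POOL_ID_RE = re.compile(r"^ipam-pool-[0-9a-f]{8,}$")
POOL_CIDR_ID_RE = re.compile(r"^ipam-pool-cidr-[0-9a-f]{8,}")

# Resource type token taken from the import command on this page.
RESOURCE_TYPE = "aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr"


def parse_import_id(import_id):
    """Split '<cidr>_<ipam-pool-id>' and validate both halves.

    Returns (network, pool_id); raises ValueError on any malformed input.
    """
    if POOL_CIDR_ID_RE.match(import_id):
        # The page's NOTE: the IPAM Pool Cidr ID is not a valid import ID.
        raise ValueError("IPAM Pool Cidr ID given; use <cidr>_<ipam-pool-id>")
    cidr, sep, pool_id = import_id.partition("_")
    if not sep:
        raise ValueError("missing '_' between CIDR and pool ID")
    if not POOL_ID_RE.match(pool_id):
        raise ValueError(f"not an IPAM pool ID: {pool_id!r}")
    if "/" not in cidr:
        # ip_network() would silently treat a bare address as /32 or /128.
        raise ValueError("CIDR needs an explicit prefix length")
    # strict=True rejects CIDRs with host bits set, e.g. 172.20.0.1/24.
    network = ipaddress.ip_network(cidr, strict=True)
    return network, pool_id


def import_command(name, import_id):
    """Return the argv list for 'pulumi import' after validating the ID."""
    network, pool_id = parse_import_id(import_id)
    return ["pulumi", "import", RESOURCE_TYPE, name, f"{network}_{pool_id}"]


if __name__ == "__main__":
    # ID copied from the example on this page.
    print(" ".join(import_command(
        "example", "172.20.0.0/24_ipam-pool-0e634f5a1517cccdc")))
```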

Structs§

Functions§

  • Registers a new resource with the given unique name and arguments