aws_ec2_settings

account_id

Type: STRING

allowed_amis

Type: STRUCT
Provider name: GetAllowedImagesSettingsResult

  • image_criteria
    Type: UNORDERED_LIST_STRUCT
    Provider name: ImageCriteria
    Description: The list of criteria for images that are discoverable and usable in the account in the specified Amazon Web Services Region.
    • image_providers
      Type: UNORDERED_LIST_STRING
      Provider name: ImageProviders
      Description: A list of AMI providers whose AMIs are discoverable and useable in the account. Up to a total of 200 values can be specified. Possible values: amazon: Allow AMIs created by Amazon Web Services. aws-marketplace: Allow AMIs created by verified providers in the Amazon Web Services Marketplace. aws-backup-vault: Allow AMIs created by Amazon Web Services Backup. 12-digit account ID: Allow AMIs created by this account. One or more account IDs can be specified. none: Allow AMIs created by your own account only.
  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages the Allowed AMIs settings. Possible values include:
    • account - The Allowed AMIs settings is managed by the account.
    • declarative-policy - The Allowed AMIs settings is managed by a declarative policy and can’t be modified by the account.
  • state
    Type: STRING
    Provider name: State
    Description: The current state of the Allowed AMIs setting at the account level in the specified Amazon Web Services Region. Possible values:
    • disabled: All AMIs are allowed.
    • audit-mode: All AMIs are allowed, but the ImageAllowed field is set to true if the AMI would be allowed with the current list of criteria if allowed AMIs was enabled.
    • enabled: Only AMIs matching the image criteria are discoverable and available for use.

ebs_default_kms_key_id

Type: STRING
Provider name: KmsKeyId
Description: The Amazon Resource Name (ARN) of the default KMS key for encryption by default.

ebs_encryption_by_default

Type: BOOLEAN
Provider name: EbsEncryptionByDefault
Description: Indicates whether encryption by default is enabled.

image_block_public_access

Type: STRUCT
Provider name: GetImageBlockPublicAccessStateResult

  • image_block_public_access_state
    Type: STRING
    Provider name: ImageBlockPublicAccessState
    Description: The current state of block public access for AMIs at the account level in the specified Amazon Web Services Region. Possible values:
    • block-new-sharing - Any attempt to publicly share your AMIs in the specified Region is blocked.
    • unblocked - Your AMIs in the specified Region can be publicly shared.
  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages the state for block public access for AMIs. Possible values include:
    • account - The state is managed by the account.
    • declarative-policy - The state is managed by a declarative policy and can’t be modified by the account.

imds_defaults

Type: STRUCT
Provider name: AccountLevel
Description: The account-level default IMDS settings.

  • http_endpoint
    Type: STRING
    Provider name: HttpEndpoint
    Description: Indicates whether the IMDS endpoint for an instance is enabled or disabled. When disabled, the instance metadata can’t be accessed.
  • http_put_response_hop_limit
    Type: INT32
    Provider name: HttpPutResponseHopLimit
    Description: The maximum number of hops that the metadata token can travel.
  • http_tokens
    Type: STRING
    Provider name: HttpTokens
    Description: Indicates whether IMDSv2 is required.
    • optional – IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.
    • required – IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.
  • instance_metadata_tags
    Type: STRING
    Provider name: InstanceMetadataTags
    Description: Indicates whether access to instance tags from the instance metadata is enabled or disabled. For more information, see Work with instance tags using the instance metadata in the Amazon EC2 User Guide.
  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages the IMDS default settings. Possible values include:
    • account - The IMDS default settings are managed by the account.
    • declarative-policy - The IMDS default settings are managed by a declarative policy and can’t be modified by the account.
  • managed_exception_message
    Type: STRING
    Provider name: ManagedExceptionMessage
    Description: The customized exception message that is specified in the declarative policy.

serial_console

Type: STRUCT
Provider name: GetSerialConsoleAccessStatusResult

  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages access to the serial console. Possible values include:
    • account - Access is managed by the account.
    • declarative-policy - Access is managed by a declarative policy and can’t be modified by the account.
  • serial_console_access_enabled
    Type: BOOLEAN
    Provider name: SerialConsoleAccessEnabled
    Description: If true, access to the EC2 serial console of all instances is enabled for your account. If false, access to the EC2 serial console of all instances is disabled for your account.

snapshot_block_public_access

Type: STRUCT
Provider name: GetSnapshotBlockPublicAccessStateResult

  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages the state for block public access for snapshots. Possible values include:
    • account - The state is managed by the account.
    • declarative-policy - The state is managed by a declarative policy and can’t be modified by the account.
  • state
    Type: STRING
    Provider name: State
    Description: The current state of block public access for snapshots. Possible values include:
    • block-all-sharing - All public sharing of snapshots is blocked. Users in the account can’t request new public sharing. Additionally, snapshots that were already publicly shared are treated as private and are not publicly available.
    • block-new-sharing - Only new public sharing of snapshots is blocked. Users in the account can’t request new public sharing. However, snapshots that were already publicly shared, remain publicly available.
    • unblocked - Public sharing is not blocked. Users can publicly share snapshots.

sse_type

Type: STRING
Provider name: SseType
Description: Reserved for future use.

tags

Type: UNORDERED_LIST_STRING

vpc_block_public_access_exclusions

Type: UNORDERED_LIST_STRUCT
Provider name: VpcBlockPublicAccessExclusions
Description: Details related to the exclusions.

  • creation_timestamp
    Type: TIMESTAMP
    Provider name: CreationTimestamp
    Description: When the exclusion was created.
  • deletion_timestamp
    Type: TIMESTAMP
    Provider name: DeletionTimestamp
    Description: When the exclusion was deleted.
  • exclusion_id
    Type: STRING
    Provider name: ExclusionId
    Description: The ID of the exclusion.
  • internet_gateway_exclusion_mode
    Type: STRING
    Provider name: InternetGatewayExclusionMode
    Description: The exclusion mode for internet gateway traffic.
    • allow-bidirectional: Allow all internet traffic to and from the excluded VPCs and subnets.
    • allow-egress: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.
  • last_update_timestamp
    Type: TIMESTAMP
    Provider name: LastUpdateTimestamp
    Description: When the exclusion was last updated.
  • reason
    Type: STRING
    Provider name: Reason
    Description: The reason for the current exclusion state.
  • resource_arn
    Type: STRING
    Provider name: ResourceArn
    Description: The ARN of the exclusion.
  • state
    Type: STRING
    Provider name: State
    Description: The state of the exclusion.

vpc_block_public_access_options

Type: STRUCT
Provider name: VpcBlockPublicAccessOptions
Description: Details related to the options.

  • aws_account_id
    Type: STRING
    Provider name: AwsAccountId
    Description: An Amazon Web Services account ID.
  • aws_region
    Type: STRING
    Provider name: AwsRegion
    Description: An Amazon Web Services Region.
  • exclusions_allowed
    Type: STRING
    Provider name: ExclusionsAllowed
    Description: Determines if exclusions are allowed. If you have enabled VPC BPA at the Organization level, exclusions may be not-allowed. Otherwise, they are allowed.
  • internet_gateway_block_mode
    Type: STRING
    Provider name: InternetGatewayBlockMode
    Description: The current mode of VPC BPA.
    • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.
    • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).
    • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.
  • last_update_timestamp
    Type: TIMESTAMP
    Provider name: LastUpdateTimestamp
    Description: The last time the VPC BPA mode was updated.
  • managed_by
    Type: STRING
    Provider name: ManagedBy
    Description: The entity that manages the state of VPC BPA. Possible values include:
    • account - The state is managed by the account.
    • declarative-policy - The state is managed by a declarative policy and can’t be modified by the account.
  • reason
    Type: STRING
    Provider name: Reason
    Description: The reason for the current state.
  • state
    Type: STRING
    Provider name: State
    Description: The current state of VPC BPA.
PREVIEWING: guacbot/translation-pipeline