pulumi-aws-kotlin/com.pulumi.aws.networkmanager.kotlin/CoreNetworkArgs

CoreNetworkArgs

data class CoreNetworkArgs(val basePolicyRegion: Output<String>? = null, val basePolicyRegions: Output<List<String>>? = null, val createBasePolicy: Output<Boolean>? = null, val description: Output<String>? = null, val globalNetworkId: Output<String>? = null, val policyDocument: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<CoreNetworkArgs>

Provides a core network resource.

NOTE on Core Networks and Policy Attachments: For a given core network, this resource's policy_document argument is incompatible with using the aws.networkmanager.CoreNetworkPolicyAttachment resource. When using this resource's policy_document argument and the aws.networkmanager.CoreNetworkPolicyAttachment resource, both will attempt to manage the core network's policy document and Pulumi will show a permanent difference.

Example Usage

Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkmanager.CoreNetwork;
import com.pulumi.aws.networkmanager.CoreNetworkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new CoreNetwork("example", CoreNetworkArgs.builder()
            .globalNetworkId(aws_networkmanager_global_network.example().id())
            .build());
    }
}

With description

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkmanager.CoreNetwork;
import com.pulumi.aws.networkmanager.CoreNetworkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new CoreNetwork("example", CoreNetworkArgs.builder()
            .globalNetworkId(aws_networkmanager_global_network.example().id())
            .description("example")
            .build());
    }
}

With tags

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkmanager.CoreNetwork;
import com.pulumi.aws.networkmanager.CoreNetworkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new CoreNetwork("example", CoreNetworkArgs.builder()
            .globalNetworkId(aws_networkmanager_global_network.example().id())
            .tags(Map.of("hello", "world"))
            .build());
    }
}

With VPC Attachment (Single Region)

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkmanager.GlobalNetwork;
import com.pulumi.aws.networkmanager.CoreNetwork;
import com.pulumi.aws.networkmanager.CoreNetworkArgs;
import com.pulumi.aws.networkmanager.VpcAttachment;
import com.pulumi.aws.networkmanager.VpcAttachmentArgs;
import com.pulumi.aws.networkmanager.NetworkmanagerFunctions;
import com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;
import com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;
import com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleGlobalNetwork = new GlobalNetwork("exampleGlobalNetwork");
        var exampleCoreNetwork = new CoreNetwork("exampleCoreNetwork", CoreNetworkArgs.builder()
            .globalNetworkId(exampleGlobalNetwork.id())
            .createBasePolicy(true)
            .build());
        var exampleVpcAttachment = new VpcAttachment("exampleVpcAttachment", VpcAttachmentArgs.builder()
            .coreNetworkId(exampleCoreNetwork.id())
            .subnetArns(aws_subnet.example().stream().map(element -> element.arn()).collect(toList()))
            .vpcArn(aws_vpc.example().arn())
            .build());
        final var exampleCoreNetworkPolicyDocument = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()
            .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()
                .asnRanges("65022-65534")
                .edgeLocations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()
                    .location("us-west-2")
                    .build())
                .build())
            .segments(GetCoreNetworkPolicyDocumentSegmentArgs.builder()
                .name("segment")
                .build())
            .segmentActions(GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()
                .action("create-route")
                .segment("segment")
                .destinationCidrBlocks("0.0.0.0/0")
                .destinations(exampleVpcAttachment.id())
                .build())
            .build());
        var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment("exampleCoreNetworkPolicyAttachment", CoreNetworkPolicyAttachmentArgs.builder()
            .coreNetworkId(exampleCoreNetwork.id())
            .policyDocument(exampleCoreNetworkPolicyDocument.applyValue(getCoreNetworkPolicyDocumentResult -> getCoreNetworkPolicyDocumentResult).applyValue(exampleCoreNetworkPolicyDocument -> exampleCoreNetworkPolicyDocument.applyValue(getCoreNetworkPolicyDocumentResult -> getCoreNetworkPolicyDocumentResult.json())))
            .build());
    }
}

With VPC Attachment (Multi-Region)

The example below illustrates the scenario where your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Set the create_base_policy argument of the aws.networkmanager.CoreNetwork resource to true if your core network does not currently have any LIVE policies (e.g. this is the first pulumi up with the core network resource), since a LIVE policy is required before VPCs can be attached to the core network. Otherwise, if your core network already has a LIVE policy, you may exclude the create_base_policy argument. For multi-region in a core network that does not yet have a LIVE policy, pass a list of regions to the aws.networkmanager.CoreNetwork base_policy_regions argument. In the example below, us-west-2 and us-east-1 are specified in the base policy.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkmanager.GlobalNetwork;
import com.pulumi.aws.networkmanager.CoreNetwork;
import com.pulumi.aws.networkmanager.CoreNetworkArgs;
import com.pulumi.aws.networkmanager.VpcAttachment;
import com.pulumi.aws.networkmanager.VpcAttachmentArgs;
import com.pulumi.aws.networkmanager.NetworkmanagerFunctions;
import com.pulumi.aws.networkmanager.inputs.GetCoreNetworkPolicyDocumentArgs;
import com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachment;
import com.pulumi.aws.networkmanager.CoreNetworkPolicyAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleGlobalNetwork = new GlobalNetwork("exampleGlobalNetwork");
        var exampleCoreNetwork = new CoreNetwork("exampleCoreNetwork", CoreNetworkArgs.builder()
            .globalNetworkId(exampleGlobalNetwork.id())
            .basePolicyRegions(
                "us-west-2",
                "us-east-1")
            .createBasePolicy(true)
            .build());
        var exampleUsWest2 = new VpcAttachment("exampleUsWest2", VpcAttachmentArgs.builder()
            .coreNetworkId(exampleCoreNetwork.id())
            .subnetArns(aws_subnet.example_us_west_2().stream().map(element -> element.arn()).collect(toList()))
            .vpcArn(aws_vpc.example_us_west_2().arn())
            .build());
        var exampleUsEast1 = new VpcAttachment("exampleUsEast1", VpcAttachmentArgs.builder()
            .coreNetworkId(exampleCoreNetwork.id())
            .subnetArns(aws_subnet.example_us_east_1().stream().map(element -> element.arn()).collect(toList()))
            .vpcArn(aws_vpc.example_us_east_1().arn())
            .build(), CustomResourceOptions.builder()
                .provider("alternate")
                .build());
        final var exampleCoreNetworkPolicyDocument = NetworkmanagerFunctions.getCoreNetworkPolicyDocument(GetCoreNetworkPolicyDocumentArgs.builder()
            .coreNetworkConfigurations(GetCoreNetworkPolicyDocumentCoreNetworkConfigurationArgs.builder()
                .asnRanges("65022-65534")
                .edgeLocations(
                    GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()
                        .location("us-west-2")
                        .build(),
                    GetCoreNetworkPolicyDocumentCoreNetworkConfigurationEdgeLocationArgs.builder()
                        .location("us-east-1")
                        .build())
                .build())
            .segments(
                GetCoreNetworkPolicyDocumentSegmentArgs.builder()
                    .name("segment")
                    .build(),
                GetCoreNetworkPolicyDocumentSegmentArgs.builder()
                    .name("segment2")
                    .build())
            .segmentActions(
                GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()
                    .action("create-route")
                    .segment("segment")
                    .destinationCidrBlocks("10.0.0.0/16")
                    .destinations(exampleUsWest2.id())
                    .build(),
                GetCoreNetworkPolicyDocumentSegmentActionArgs.builder()
                    .action("create-route")
                    .segment("segment")
                    .destinationCidrBlocks("10.1.0.0/16")
                    .destinations(exampleUsEast1.id())
                    .build())
            .build());
        var exampleCoreNetworkPolicyAttachment = new CoreNetworkPolicyAttachment("exampleCoreNetworkPolicyAttachment", CoreNetworkPolicyAttachmentArgs.builder()
            .coreNetworkId(exampleCoreNetwork.id())
            .policyDocument(exampleCoreNetworkPolicyDocument.applyValue(getCoreNetworkPolicyDocumentResult -> getCoreNetworkPolicyDocumentResult).applyValue(exampleCoreNetworkPolicyDocument -> exampleCoreNetworkPolicyDocument.applyValue(getCoreNetworkPolicyDocumentResult -> getCoreNetworkPolicyDocumentResult.json())))
            .build());
    }
}

Import

aws_networkmanager_core_network can be imported using the core network ID, e.g.

$ pulumi import aws:networkmanager/coreNetwork:CoreNetwork example core-network-0d47f6t230mz46dy4

Constructors

CoreNetworkArgs

constructor(basePolicyRegion: Output<String>? = null, basePolicyRegions: Output<List<String>>? = null, createBasePolicy: Output<Boolean>? = null, description: Output<String>? = null, globalNetworkId: Output<String>? = null, policyDocument: Output<String>? = null, tags: Output<Map<String, String>>? = null)

Properties

basePolicyRegion

val ~~basePolicyRegion~~: Output<String>? = null

The base policy created by setting the create_base_policy argument to true requires a region to be set in the edge-locations, location key. If base_policy_region is not specified, the region used in the base policy defaults to the region specified in the provider block.

basePolicyRegions

val basePolicyRegions: Output<List<String>>? = null

A list of regions to add to the base policy. The base policy created by setting the create_base_policy argument to true requires one or more regions to be set in the edge-locations, location key. If base_policy_regions is not specified, the region used in the base policy defaults to the region specified in the provider block.

createBasePolicy

val createBasePolicy: Output<Boolean>? = null

Specifies whether to create a base policy when a core network is created or updated. A base policy is created and set to LIVE to allow attachments to the core network (e.g. VPC Attachments) before applying a policy document provided using the aws.networkmanager.CoreNetworkPolicyAttachment resource. This base policy is needed if your core network does not have any LIVE policies (e.g. a core network resource created without the policy_document argument) and your policy document has static routes pointing to VPC attachments and you want to attach your VPCs to the core network before applying the desired policy document. Valid values are true or false. Conflicts with policy_document. An example of this snippet can be found above for VPC Attachment in a single region and for VPC Attachment multi-region. An example base policy is shown below. This base policy is overridden with the policy that you specify in the aws.networkmanager.CoreNetworkPolicyAttachment resource.

description

val description: Output<String>? = null

Description of the Core Network.

globalNetworkId

val globalNetworkId: Output<String>? = null

The ID of the global network that a core network will be a part of.

policyDocument

val ~~policyDocument~~: Output<String>? = null

Policy document for creating a core network. Note that updating this argument will result in the new policy document version being set as the LATEST and LIVE policy document. Refer to the Core network policies documentation for more information. Conflicts with create_base_policy.

Functions

toJava

open override fun toJava(): CoreNetworkArgs