pulumi-aws-kotlin/com.pulumi.aws.emr.kotlin/BlockPublicAccessConfigurationArgs

BlockPublicAccessConfigurationArgs

data class BlockPublicAccessConfigurationArgs(val blockPublicSecurityGroupRules: Output<Boolean>? = null, val permittedPublicSecurityGroupRuleRanges: Output<List<BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs>>? = null) : ConvertibleToJava<BlockPublicAccessConfigurationArgs>

Resource for managing an AWS EMR block public access configuration. This region level security configuration restricts the launch of EMR clusters that have associated security groups permitting public access on unspecified ports. See the EMR Block Public Access Configuration documentation for further information.

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.emr.BlockPublicAccessConfiguration("example", {blockPublicSecurityGroupRules: true});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.emr.BlockPublicAccessConfiguration("example", block_public_security_group_rules=True)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Emr.BlockPublicAccessConfiguration("example", new()
    {
        BlockPublicSecurityGroupRules = true,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := emr.NewBlockPublicAccessConfiguration(ctx, "example", &emr.BlockPublicAccessConfigurationArgs{
			BlockPublicSecurityGroupRules: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.emr.BlockPublicAccessConfiguration;
import com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new BlockPublicAccessConfiguration("example", BlockPublicAccessConfigurationArgs.builder()
            .blockPublicSecurityGroupRules(true)
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:emr:BlockPublicAccessConfiguration
    properties:
      blockPublicSecurityGroupRules: true
Content copied to clipboard

Default Configuration

By default, each AWS region is equipped with a block public access configuration that prevents EMR clusters from being launched if they have security group rules permitting public access on any port except for port 22. The default configuration can be managed using this resource.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.emr.BlockPublicAccessConfiguration("example", {
    blockPublicSecurityGroupRules: true,
    permittedPublicSecurityGroupRuleRanges: [{
        minRange: 22,
        maxRange: 22,
    }],
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.emr.BlockPublicAccessConfiguration("example",
    block_public_security_group_rules=True,
    permitted_public_security_group_rule_ranges=[{
        "min_range": 22,
        "max_range": 22,
    }])
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Emr.BlockPublicAccessConfiguration("example", new()
    {
        BlockPublicSecurityGroupRules = true,
        PermittedPublicSecurityGroupRuleRanges = new[]
        {
            new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs
            {
                MinRange = 22,
                MaxRange = 22,
            },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := emr.NewBlockPublicAccessConfiguration(ctx, "example", &emr.BlockPublicAccessConfigurationArgs{
			BlockPublicSecurityGroupRules: pulumi.Bool(true),
			PermittedPublicSecurityGroupRuleRanges: emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArray{
				&emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{
					MinRange: pulumi.Int(22),
					MaxRange: pulumi.Int(22),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.emr.BlockPublicAccessConfiguration;
import com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;
import com.pulumi.aws.emr.inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new BlockPublicAccessConfiguration("example", BlockPublicAccessConfigurationArgs.builder()
            .blockPublicSecurityGroupRules(true)
            .permittedPublicSecurityGroupRuleRanges(BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()
                .minRange(22)
                .maxRange(22)
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:emr:BlockPublicAccessConfiguration
    properties:
      blockPublicSecurityGroupRules: true
      permittedPublicSecurityGroupRuleRanges:
        - minRange: 22
          maxRange: 22
Content copied to clipboard

NOTE: If an aws.emr.BlockPublicAccessConfiguration resource is destroyed, the configuration will reset to this default configuration.

Multiple Permitted Public Security Group Rule Ranges

The resource permits specification of multiple permitted_public_security_group_rule_range blocks.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.emr.BlockPublicAccessConfiguration("example", {
    blockPublicSecurityGroupRules: true,
    permittedPublicSecurityGroupRuleRanges: [
        {
            minRange: 22,
            maxRange: 22,
        },
        {
            minRange: 100,
            maxRange: 101,
        },
    ],
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.emr.BlockPublicAccessConfiguration("example",
    block_public_security_group_rules=True,
    permitted_public_security_group_rule_ranges=[
        {
            "min_range": 22,
            "max_range": 22,
        },
        {
            "min_range": 100,
            "max_range": 101,
        },
    ])
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Emr.BlockPublicAccessConfiguration("example", new()
    {
        BlockPublicSecurityGroupRules = true,
        PermittedPublicSecurityGroupRuleRanges = new[]
        {
            new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs
            {
                MinRange = 22,
                MaxRange = 22,
            },
            new Aws.Emr.Inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs
            {
                MinRange = 100,
                MaxRange = 101,
            },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := emr.NewBlockPublicAccessConfiguration(ctx, "example", &emr.BlockPublicAccessConfigurationArgs{
			BlockPublicSecurityGroupRules: pulumi.Bool(true),
			PermittedPublicSecurityGroupRuleRanges: emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArray{
				&emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{
					MinRange: pulumi.Int(22),
					MaxRange: pulumi.Int(22),
				},
				&emr.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs{
					MinRange: pulumi.Int(100),
					MaxRange: pulumi.Int(101),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.emr.BlockPublicAccessConfiguration;
import com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;
import com.pulumi.aws.emr.inputs.BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new BlockPublicAccessConfiguration("example", BlockPublicAccessConfigurationArgs.builder()
            .blockPublicSecurityGroupRules(true)
            .permittedPublicSecurityGroupRuleRanges(
                BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()
                    .minRange(22)
                    .maxRange(22)
                    .build(),
                BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs.builder()
                    .minRange(100)
                    .maxRange(101)
                    .build())
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:emr:BlockPublicAccessConfiguration
    properties:
      blockPublicSecurityGroupRules: true
      permittedPublicSecurityGroupRuleRanges:
        - minRange: 22
          maxRange: 22
        - minRange: 100
          maxRange: 101
Content copied to clipboard

Disabling Block Public Access

To permit EMR clusters to be launched in the configured region regardless of associated security group rules, the Block Public Access feature can be disabled using this resource.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.emr.BlockPublicAccessConfiguration("example", {blockPublicSecurityGroupRules: false});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.emr.BlockPublicAccessConfiguration("example", block_public_security_group_rules=False)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Emr.BlockPublicAccessConfiguration("example", new()
    {
        BlockPublicSecurityGroupRules = false,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/emr"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := emr.NewBlockPublicAccessConfiguration(ctx, "example", &emr.BlockPublicAccessConfigurationArgs{
			BlockPublicSecurityGroupRules: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.emr.BlockPublicAccessConfiguration;
import com.pulumi.aws.emr.BlockPublicAccessConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new BlockPublicAccessConfiguration("example", BlockPublicAccessConfigurationArgs.builder()
            .blockPublicSecurityGroupRules(false)
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:emr:BlockPublicAccessConfiguration
    properties:
      blockPublicSecurityGroupRules: false
Content copied to clipboard

Import

Using pulumi import, import the current EMR Block Public Access Configuration. For example:

$ pulumi import aws:emr/blockPublicAccessConfiguration:BlockPublicAccessConfiguration example current
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(blockPublicSecurityGroupRules: Output<Boolean>? = null, permittedPublicSecurityGroupRuleRanges: Output<List<BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs>>? = null)

Properties

Link copied to clipboard
val blockPublicSecurityGroupRules: Output<Boolean>? = null

Enable or disable EMR Block Public Access. The following arguments are optional:

Link copied to clipboard
val permittedPublicSecurityGroupRuleRanges: Output<List<BlockPublicAccessConfigurationPermittedPublicSecurityGroupRuleRangeArgs>>? = null

Configuration block for defining permitted public security group rule port ranges. Can be defined multiple times per resource. Only valid if block_public_security_group_rules is set to true.

Functions

Link copied to clipboard
open override fun toJava(): BlockPublicAccessConfigurationArgs