Docs Home
Azure DevOps v3.8.0 published on Monday, Mar 17, 2025 by Pulumi
azuredevops.ServiceEndpointAws
Explore with Pulumi AI
Manages a AWS service endpoint within Azure DevOps. Using this service endpoint requires you to first install AWS Toolkit for Azure DevOps.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";
const example = new azuredevops.Project("example", {
name: "Example Project",
visibility: "private",
versionControl: "Git",
workItemTemplate: "Agile",
description: "Managed by Pulumi",
});
const exampleServiceEndpointAws = new azuredevops.ServiceEndpointAws("example", {
projectId: example.id,
serviceEndpointName: "Example AWS",
accessKeyId: "00000000-0000-0000-0000-000000000000",
secretAccessKey: "accesskey",
description: "Managed by AzureDevOps",
});
import pulumi
import pulumi_azuredevops as azuredevops
example = azuredevops.Project("example",
name="Example Project",
visibility="private",
version_control="Git",
work_item_template="Agile",
description="Managed by Pulumi")
example_service_endpoint_aws = azuredevops.ServiceEndpointAws("example",
project_id=example.id,
service_endpoint_name="Example AWS",
access_key_id="00000000-0000-0000-0000-000000000000",
secret_access_key="accesskey",
description="Managed by AzureDevOps")
package main
import (
"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := azuredevops.NewProject(ctx, "example", &azuredevops.ProjectArgs{
Name: pulumi.String("Example Project"),
Visibility: pulumi.String("private"),
VersionControl: pulumi.String("Git"),
WorkItemTemplate: pulumi.String("Agile"),
Description: pulumi.String("Managed by Pulumi"),
})
if err != nil {
return err
}
_, err = azuredevops.NewServiceEndpointAws(ctx, "example", &azuredevops.ServiceEndpointAwsArgs{
ProjectId: example.ID(),
ServiceEndpointName: pulumi.String("Example AWS"),
AccessKeyId: pulumi.String("00000000-0000-0000-0000-000000000000"),
SecretAccessKey: pulumi.String("accesskey"),
Description: pulumi.String("Managed by AzureDevOps"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;
return await Deployment.RunAsync(() =>
{
var example = new AzureDevOps.Project("example", new()
{
Name = "Example Project",
Visibility = "private",
VersionControl = "Git",
WorkItemTemplate = "Agile",
Description = "Managed by Pulumi",
});
var exampleServiceEndpointAws = new AzureDevOps.ServiceEndpointAws("example", new()
{
ProjectId = example.Id,
ServiceEndpointName = "Example AWS",
AccessKeyId = "00000000-0000-0000-0000-000000000000",
SecretAccessKey = "accesskey",
Description = "Managed by AzureDevOps",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.Project;
import com.pulumi.azuredevops.ProjectArgs;
import com.pulumi.azuredevops.ServiceEndpointAws;
import com.pulumi.azuredevops.ServiceEndpointAwsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Project("example", ProjectArgs.builder()
.name("Example Project")
.visibility("private")
.versionControl("Git")
.workItemTemplate("Agile")
.description("Managed by Pulumi")
.build());
var exampleServiceEndpointAws = new ServiceEndpointAws("exampleServiceEndpointAws", ServiceEndpointAwsArgs.builder()
.projectId(example.id())
.serviceEndpointName("Example AWS")
.accessKeyId("00000000-0000-0000-0000-000000000000")
.secretAccessKey("accesskey")
.description("Managed by AzureDevOps")
.build());
}
}
resources:
example:
type: azuredevops:Project
properties:
name: Example Project
visibility: private
versionControl: Git
workItemTemplate: Agile
description: Managed by Pulumi
exampleServiceEndpointAws:
type: azuredevops:ServiceEndpointAws
name: example
properties:
projectId: ${example.id}
serviceEndpointName: Example AWS
accessKeyId: 00000000-0000-0000-0000-000000000000
secretAccessKey: accesskey
description: Managed by AzureDevOps
Relevant Links
Create ServiceEndpointAws Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ServiceEndpointAws(name: string, args: ServiceEndpointAwsArgs, opts?: CustomResourceOptions);@overload
def ServiceEndpointAws(resource_name: str,
args: ServiceEndpointAwsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ServiceEndpointAws(resource_name: str,
opts: Optional[ResourceOptions] = None,
project_id: Optional[str] = None,
service_endpoint_name: Optional[str] = None,
access_key_id: Optional[str] = None,
description: Optional[str] = None,
external_id: Optional[str] = None,
role_session_name: Optional[str] = None,
role_to_assume: Optional[str] = None,
secret_access_key: Optional[str] = None,
session_token: Optional[str] = None,
use_oidc: Optional[bool] = None)func NewServiceEndpointAws(ctx *Context, name string, args ServiceEndpointAwsArgs, opts ...ResourceOption) (*ServiceEndpointAws, error)public ServiceEndpointAws(string name, ServiceEndpointAwsArgs args, CustomResourceOptions? opts = null)public ServiceEndpointAws(String name, ServiceEndpointAwsArgs args)
public ServiceEndpointAws(String name, ServiceEndpointAwsArgs args, CustomResourceOptions options)
type: azuredevops:ServiceEndpointAws
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServiceEndpointAwsArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. ServiceEndpointAwsArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServiceEndpointAwsArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServiceEndpointAwsArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. ServiceEndpointAwsArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var serviceEndpointAwsResource = new AzureDevOps.ServiceEndpointAws("serviceEndpointAwsResource", new()
{
ProjectId = "string",
ServiceEndpointName = "string",
AccessKeyId = "string",
Description = "string",
ExternalId = "string",
RoleSessionName = "string",
RoleToAssume = "string",
SecretAccessKey = "string",
SessionToken = "string",
UseOidc = false,
});
example, err := azuredevops.NewServiceEndpointAws(ctx, "serviceEndpointAwsResource", &azuredevops.ServiceEndpointAwsArgs{
ProjectId: pulumi.String("string"),
ServiceEndpointName: pulumi.String("string"),
AccessKeyId: pulumi.String("string"),
Description: pulumi.String("string"),
ExternalId: pulumi.String("string"),
RoleSessionName: pulumi.String("string"),
RoleToAssume: pulumi.String("string"),
SecretAccessKey: pulumi.String("string"),
SessionToken: pulumi.String("string"),
UseOidc: pulumi.Bool(false),
})
var serviceEndpointAwsResource = new ServiceEndpointAws("serviceEndpointAwsResource", ServiceEndpointAwsArgs.builder()
.projectId("string")
.serviceEndpointName("string")
.accessKeyId("string")
.description("string")
.externalId("string")
.roleSessionName("string")
.roleToAssume("string")
.secretAccessKey("string")
.sessionToken("string")
.useOidc(false)
.build());
service_endpoint_aws_resource = azuredevops.ServiceEndpointAws("serviceEndpointAwsResource",
project_id="string",
service_endpoint_name="string",
access_key_id="string",
description="string",
external_id="string",
role_session_name="string",
role_to_assume="string",
secret_access_key="string",
session_token="string",
use_oidc=False)
const serviceEndpointAwsResource = new azuredevops.ServiceEndpointAws("serviceEndpointAwsResource", {
projectId: "string",
serviceEndpointName: "string",
accessKeyId: "string",
description: "string",
externalId: "string",
roleSessionName: "string",
roleToAssume: "string",
secretAccessKey: "string",
sessionToken: "string",
useOidc: false,
});
type: azuredevops:ServiceEndpointAws
properties:
accessKeyId: string
description: string
externalId: string
projectId: string
roleSessionName: string
roleToAssume: string
secretAccessKey: string
serviceEndpointName: string
sessionToken: string
useOidc: false
ServiceEndpointAws Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ServiceEndpointAws resource accepts the following input properties:
- Project
Id stringThis property is required. 
Changes to this property will trigger replacement. - The ID of the project.
- Service
Endpoint Name This property is required. string - The Service Endpoint name.
- Access
Key stringId - The AWS access key ID for signing programmatic requests.
- Description string
- External
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- Role
Session stringName - Optional identifier for the assumed role session.
- Role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- Secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- Session
Token string - The AWS session token for signing programmatic requests.
- Use
Oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- Project
Id stringThis property is required. Changes to this property will trigger replacement. - The ID of the project.
- Service
Endpoint Name This property is required. string - The Service Endpoint name.
- Access
Key stringId - The AWS access key ID for signing programmatic requests.
- Description string
- External
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- Role
Session stringName - Optional identifier for the assumed role session.
- Role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- Secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- Session
Token string - The AWS session token for signing programmatic requests.
- Use
Oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- project
Id StringThis property is required. Changes to this property will trigger replacement. - The ID of the project.
- service
Endpoint Name This property is required. String - The Service Endpoint name.
- access
Key StringId - The AWS access key ID for signing programmatic requests.
- description String
- external
Id String - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- role
Session StringName - Optional identifier for the assumed role session.
- role
To StringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access StringKey - The AWS secret access key for signing programmatic requests.
- session
Token String - The AWS session token for signing programmatic requests.
- use
Oidc Boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- project
Id stringThis property is required. Changes to this property will trigger replacement. - The ID of the project.
- service
Endpoint Name This property is required. string - The Service Endpoint name.
- access
Key stringId - The AWS access key ID for signing programmatic requests.
- description string
- external
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- role
Session stringName - Optional identifier for the assumed role session.
- role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- session
Token string - The AWS session token for signing programmatic requests.
- use
Oidc boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- project_
id strThis property is required. Changes to this property will trigger replacement. - The ID of the project.
- service_
endpoint_ name This property is required. str - The Service Endpoint name.
- access_
key_ strid - The AWS access key ID for signing programmatic requests.
- description str
- external_
id str - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- role_
session_ strname - Optional identifier for the assumed role session.
- role_
to_ strassume - The Amazon Resource Name (ARN) of the role to assume.
- secret_
access_ strkey - The AWS secret access key for signing programmatic requests.
- session_
token str - The AWS session token for signing programmatic requests.
- use_
oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- project
Id StringThis property is required. Changes to this property will trigger replacement. - The ID of the project.
- service
Endpoint Name This property is required. String - The Service Endpoint name.
- access
Key StringId - The AWS access key ID for signing programmatic requests.
- description String
- external
Id String - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- role
Session StringName - Optional identifier for the assumed role session.
- role
To StringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access StringKey - The AWS secret access key for signing programmatic requests.
- session
Token String - The AWS session token for signing programmatic requests.
- use
Oidc Boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
Outputs
All input properties are implicitly available as output properties. Additionally, the ServiceEndpointAws resource produces the following output properties:
- Dictionary<string, string>
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- Id string
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- id String
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- id string
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- id str
- The provider-assigned unique ID for this managed resource.
- Map<String>
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ServiceEndpointAws Resource
Get an existing ServiceEndpointAws resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ServiceEndpointAwsState, opts?: CustomResourceOptions): ServiceEndpointAws@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_key_id: Optional[str] = None,
authorization: Optional[Mapping[str, str]] = None,
description: Optional[str] = None,
external_id: Optional[str] = None,
project_id: Optional[str] = None,
role_session_name: Optional[str] = None,
role_to_assume: Optional[str] = None,
secret_access_key: Optional[str] = None,
service_endpoint_name: Optional[str] = None,
session_token: Optional[str] = None,
use_oidc: Optional[bool] = None) -> ServiceEndpointAwsfunc GetServiceEndpointAws(ctx *Context, name string, id IDInput, state *ServiceEndpointAwsState, opts ...ResourceOption) (*ServiceEndpointAws, error)public static ServiceEndpointAws Get(string name, Input<string> id, ServiceEndpointAwsState? state, CustomResourceOptions? opts = null)public static ServiceEndpointAws get(String name, Output<String> id, ServiceEndpointAwsState state, CustomResourceOptions options)resources: _: type: azuredevops:ServiceEndpointAws get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Access
Key stringId - The AWS access key ID for signing programmatic requests.
- Dictionary<string, string>
- Description string
- External
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- Project
Id - The ID of the project.
- Role
Session stringName - Optional identifier for the assumed role session.
- Role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- Secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- Service
Endpoint stringName - The Service Endpoint name.
- Session
Token string - The AWS session token for signing programmatic requests.
- Use
Oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- Access
Key stringId - The AWS access key ID for signing programmatic requests.
- map[string]string
- Description string
- External
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- Project
Id - The ID of the project.
- Role
Session stringName - Optional identifier for the assumed role session.
- Role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- Secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- Service
Endpoint stringName - The Service Endpoint name.
- Session
Token string - The AWS session token for signing programmatic requests.
- Use
Oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- access
Key StringId - The AWS access key ID for signing programmatic requests.
- Map<String,String>
- description String
- external
Id String - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- project
Id - The ID of the project.
- role
Session StringName - Optional identifier for the assumed role session.
- role
To StringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access StringKey - The AWS secret access key for signing programmatic requests.
- service
Endpoint StringName - The Service Endpoint name.
- session
Token String - The AWS session token for signing programmatic requests.
- use
Oidc Boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- access
Key stringId - The AWS access key ID for signing programmatic requests.
- {[key: string]: string}
- description string
- external
Id string - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- project
Id - The ID of the project.
- role
Session stringName - Optional identifier for the assumed role session.
- role
To stringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access stringKey - The AWS secret access key for signing programmatic requests.
- service
Endpoint stringName - The Service Endpoint name.
- session
Token string - The AWS session token for signing programmatic requests.
- use
Oidc boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- access_
key_ strid - The AWS access key ID for signing programmatic requests.
- Mapping[str, str]
- description str
- external_
id str - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- project_
id - The ID of the project.
- role_
session_ strname - Optional identifier for the assumed role session.
- role_
to_ strassume - The Amazon Resource Name (ARN) of the role to assume.
- secret_
access_ strkey - The AWS secret access key for signing programmatic requests.
- service_
endpoint_ strname - The Service Endpoint name.
- session_
token str - The AWS session token for signing programmatic requests.
- use_
oidc bool - Enable this to attempt getting credentials with OIDC token from Azure Devops.
- access
Key StringId - The AWS access key ID for signing programmatic requests.
- Map<String>
- description String
- external
Id String - A unique identifier that is used by third parties when assuming roles in their customers' accounts, aka cross-account role access.
- project
Id - The ID of the project.
- role
Session StringName - Optional identifier for the assumed role session.
- role
To StringAssume - The Amazon Resource Name (ARN) of the role to assume.
- secret
Access StringKey - The AWS secret access key for signing programmatic requests.
- service
Endpoint StringName - The Service Endpoint name.
- session
Token String - The AWS session token for signing programmatic requests.
- use
Oidc Boolean - Enable this to attempt getting credentials with OIDC token from Azure Devops.
Import
Azure DevOps AWS Service Endpoint can be imported using projectID/serviceEndpointID or projectName/serviceEndpointID
$ pulumi import azuredevops:index/serviceEndpointAws:ServiceEndpointAws azuredevops_serviceendpoint_aws.example 00000000-0000-0000-0000-000000000000/00000000-0000-0000-0000-000000000000
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure DevOps pulumi/pulumi-azuredevops
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azuredevopsTerraform Provider.