npmpackage.info

Gathering detailed insights and metrics for @pulumi/awsx

@pulumi/awsx - 2.22.0 | npmpackage.info

@pulumi/awsx

AWS infrastructure best practices in component form!

2.22.0

235

Apache-2.0

TypeScript

1.55 MB

5.1

Installations

npm install @pulumi/awsx

Developer Guide

BETA

Typescript

Yes

Module System

N/A

Node Version

20.19.2

NPM Version

10.8.2 Pull Requests

Open

16

Total

1,028

Closed

269

Merged

743

Issues

Open

133

Total

592

Closed

459

Releases

v2.22.0

Updated on Jun 25, 2025

v2.21.1

Updated on Mar 10, 2025

v2.21.0

Updated on Jan 16, 2025

v2.20.1

Updated on Jan 15, 2025

v2.20.0

Updated on Jan 14, 2025

v2.19.0

Updated on Nov 18, 2024

View All 66 releases

Languages

TypeScript

Shell

Makefile

JavaScript

Dockerfile

HTML

Batchfile

TypeScript (88.39%)

Go (8.66%)

Shell (1.34%)

Makefile (1.25%)

JavaScript (0.32%)

Dockerfile (0.03%)

HTML (0.01%)

Developer

pulumi

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

Apache-2.0 License

235 Stars

859 Commits

108 Forks

28 Watchers

117 Branches

142 Contributors

Updated on Jul 07, 2025

Maintainers

View All 142 Contributors

Package Meta Information

Latest Version

2.22.0

Package Id

@pulumi/awsx@2.22.0

Unpacked Size

1.55 MB

Size

287.11 kB

File Count

360

NPM Version

10.8.2

Node Version

20.19.2

Published on

Jun 25, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@aws-sdk/client-ecs @pulumi/aws @pulumi/docker @pulumi/docker-build @pulumi/pulumi @types/aws-lambda docker-classic mime

Dev Dependencies

@types/mime @types/node typescript

Pulumi AWS Infrastructure Components

Pulumi's framework for Amazon Web Services (AWS) infrastructure.

To use this package, install the Pulumi CLI. For a streamlined Pulumi walkthrough, including language runtime installation and AWS configuration, see the Crosswalk for AWS documentation.

The AWS Infrastructure package is intended to provide component wrappers around many core AWS 'raw' resources to make them easier and more convenient to use. In general, the @pulumi/awsx package mirrors the module structure of @pulumi/aws (i.e. @pulumi/awsx/ecs or @pulumi/awsx/ec2). These components are designed to take care of much of the redundancy and boilerplate necessary when using the raw AWS resources, while still striving to expose all underlying functionality if needed.

The AWS Infrastructure package undergoes constant improvements and additions. While we will strive to maintain backward compatibility here, we will occasionally make breaks here as appropriate if it helps improve the overall quality of this package.

The AWS Infrastructure package exposes many high level abstractions. Including:

ec2. A module that makes it easier to work with your AWS network, subnets, and security groups. By default, the resources in the package follow the AWS Best Practices, but can be configured as desired in whatever ways you want. Most commonly, this package is used to acquire the default Vpc for a region (using awsx.ec2.DefaultNetwork). However, it can also be used to easily create or augment an existing Vpc.
ecs. A module that makes it easy to create and configure clusters, tasks and services for running containers. Convenience resources are created to make the common tasks of creating EC2 or Fargate services and tasks much simpler.
lb. A module for simply setting up Elastic Load Balancing. This module provides convenient ways to set up either Network or Application load balancers, along with the appropriate ELB Target Groups and Listeners in order to have a high availability, automatically-scaled service. These ELB components also work well with the other awsx components. For example, an lb.defaultTarget can be passed in directly as the portMapping target of an ecs.FargateService.

Installing

This package is available in many languages in the standard packaging formats.

Node.js (Java/TypeScript)

To use from JavaScript or TypeScript in Node.js, install using either npm:

1npm install @pulumi/awsx

or yarn:

1yarn add @pulumi/awsx

Python

To use from Python, install using pip:

1pip install pulumi-awsx

Go

To use from Go, use go get to grab the latest version of the library

1go get github.com/pulumi/pulumi-awsx/sdk

.NET

To use from .NET, install using dotnet add package:

1dotnet add package Pulumi.Awsx

Configuration

The configuration options available for this provider mirror those of the Pulumi AWS Classic Provider

Custom AWS Provider Versions

Pulumi dependency resolution may result in awsx.* resources using a different version of the AWS Classic Provider than the rest of the program. The version used by default is fixed for each @pulumi/awsx release and can be found in package.json. When this becomes problematic, for example a newer version of AWS Classic Provider is desired, it can be specified explicitly. For example, in Python:

1import pulumi
2import pulumi_aws as aws
3import pulumi_awsx as awsx
4
5awsp = aws.Provider("awsp", opts=pulumi.ResourceOptions(version="6.36.0"))
6lb = awsx.lb.ApplicationLoadBalancer("lb", opts=pulumi.ResourceOptions(providers={"aws": awsp}))

Migration from 0.x to 1.0

Before version 1, this package only supported components in TypeScript. All the existing components from the 0.x releases are now available in the classic namespace. The classic namespace will remain until the next major version release but will only receive updates for critical security fixes.

Change references from @pulumi/awsx to @pulumi/awsx/classic to maintain existing behaviour.
Refactor to replace the classic components with the new top-level components.

Note: The new top-level components (outside the classic namespace) may require additional code changes and resource re-creation.

Notable changes

Removed ECS Cluster as this did not add any functionality over the AWS Classic ECS Cluster resource.
Removed Vpc.fromExistingIds() as this was originally added because other components depended on the concrete VPC component class. The new components in v1 no longer have hard dependencies on other resources, so instead the subnets from the existing VPC can be passed into other components directly.

References

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

10

Fuzzing

Determines if the project uses fuzzing.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/awsx-upgrade-aws.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-upgrade-aws.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/awsx-upgrade-aws.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-upgrade-aws.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-weekly-pulumi-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-weekly-pulumi-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-weekly-pulumi-update.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-weekly-pulumi-update.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/awsx-weekly-pulumi-update.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_provider.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/build_provider.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_provider.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/build_provider.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_sdk.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/build_sdk.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/license.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/license.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/master.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_command.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-awsx/release_command.yml/master?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating jetpackio/devbox:latest to jetpackio/devbox:latest@sha256:084acab190e61dcfcc234af1a8861633ca75fe6a72394c57de488de45bba9242
Warn: containerImage not pinned by hash: examples/ts-ecr-dockerfile/docker/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples/ts-ecr-registry-image/app/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples/ts-ecr-simple/app/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples/ts-ecr-simple/app/Dockerfile-multistage:1
Warn: containerImage not pinned by hash: examples/ts-ecr-simple/app/Dockerfile-multistage:4: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/ec2/app/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/ec2/app/Dockerfile-multistage:1
Warn: containerImage not pinned by hash: examples_legacy/ec2/app/Dockerfile-multistage:4: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/ecr/app/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/ecr/app/Dockerfile-multistage:1
Warn: containerImage not pinned by hash: examples_legacy/ecr/app/Dockerfile-multistage:4: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/nlb/fargate/app/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: containerImage not pinned by hash: examples_legacy/nlb/fargate/app/Dockerfile-multistage:1
Warn: containerImage not pinned by hash: examples_legacy/nlb/fargate/app/Dockerfile-multistage:4: pin your Docker image by updating nginx to nginx@sha256:93230cd54060f497430c7a120e2347894846a81b6a5dd2110f7362c5423b4abc
Warn: goCommand not pinned by hash: scripts/get-latest-pulumi-version.sh:9
Warn: downloadThenRun not pinned by hash: .github/workflows/awsx-weekly-pulumi-update.yml:29
Warn: pipCommand not pinned by hash: .github/workflows/publish.yml:178
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:78
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:79
Info: 21 out of 26 GitHub-owned GitHubAction dependencies pinned
Info: 26 out of 36 third-party GitHubAction dependencies pinned
Info: 0 out of 15 containerImage dependencies pinned
Info: 0 out of 1 goCommand dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned
Info: 0 out of 3 pipCommand dependencies pinned

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Info: jobLevel 'contents' permission set to 'read': .github/workflows/master.yml:111
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/master.yml:71
Info: jobLevel 'contents' permission set to 'read': .github/workflows/prerelease.yml:84
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/prerelease.yml:64
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/publish.yml:226
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:69
Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:90
Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/run-acceptance-tests.yml:110
Info: jobLevel 'contents' permission set to 'read': .github/workflows/run-acceptance-tests.yml:140
Info: jobLevel 'contents' permission set to 'read': .github/workflows/run-acceptance-tests.yml:49
Info: jobLevel 'contents' permission set to 'read': .github/workflows/test.yml:42
Info: jobLevel 'contents' permission set to 'read': .github/workflows/verify-release.yml:72
Warn: no topLevel permission defined: .github/workflows/awsx-upgrade-aws.yml:1
Warn: topLevel 'contents' permission set to 'write': .github/workflows/awsx-weekly-pulumi-update.yml:12
Warn: no topLevel permission defined: .github/workflows/build_provider.yml:1
Warn: no topLevel permission defined: .github/workflows/build_sdk.yml:1
Warn: no topLevel permission defined: .github/workflows/command-dispatch.yml:1
Warn: no topLevel permission defined: .github/workflows/community-moderation.yml:1
Warn: no topLevel permission defined: .github/workflows/license.yml:1
Warn: no topLevel permission defined: .github/workflows/lint.yml:1
Warn: no topLevel permission defined: .github/workflows/main-post-build.yml:1
Warn: no topLevel permission defined: .github/workflows/master.yml:1
Warn: no topLevel permission defined: .github/workflows/prerelease.yml:1
Warn: no topLevel permission defined: .github/workflows/prerequisites.yml:1
Warn: no topLevel permission defined: .github/workflows/publish.yml:1
Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1
Warn: no topLevel permission defined: .github/workflows/release.yml:1
Warn: no topLevel permission defined: .github/workflows/release_command.yml:1
Warn: no topLevel permission defined: .github/workflows/run-acceptance-tests.yml:1
Warn: no topLevel permission defined: .github/workflows/test.yml:1
Warn: no topLevel permission defined: .github/workflows/verify-release.yml:1

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

5.1

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More