AWS Cloud Control v1.27.0, Apr 14 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

aws-native.ec2.KeyPair

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

When you import an existing key pair, you specify the public key material for the key. We assume that you have the private key material for the key. CFNlong does not create or return the private key material when you import a key pair. When you create a new key pair, the private key is saved to SYSlong Parameter Store, using a parameter with the following name: /ec2/keypair/{key_pair_id}. For more information about retrieving private key, and the required permissions, see Create a key pair using in the User Guide. When CFN deletes a key pair that was created or imported by a stack, it also deletes the parameter that was used to store the private key material in Parameter Store.

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var newKeyPair = new AwsNative.Ec2.KeyPair("newKeyPair", new()
    {
        KeyName = "MyKeyPair",
    });

    var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
    {
        ImageId = "ami-02b92c281a4d3dc79",
        KeyName = newKeyPair.Id,
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		newKeyPair, err := ec2.NewKeyPair(ctx, "newKeyPair", &ec2.KeyPairArgs{
			KeyName: pulumi.String("MyKeyPair"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
			ImageId: pulumi.String("ami-02b92c281a4d3dc79"),
			KeyName: newKeyPair.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const newKeyPair = new aws_native.ec2.KeyPair("newKeyPair", {keyName: "MyKeyPair"});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
    imageId: "ami-02b92c281a4d3dc79",
    keyName: newKeyPair.id,
});

import pulumi
import pulumi_aws_native as aws_native

new_key_pair = aws_native.ec2.KeyPair("newKeyPair", key_name="MyKeyPair")
ec2_instance = aws_native.ec2.Instance("ec2Instance",
    image_id="ami-02b92c281a4d3dc79",
    key_name=new_key_pair.id)

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var newKeyPair = new AwsNative.Ec2.KeyPair("newKeyPair", new()
    {
        KeyName = "MyKeyPair",
    });

    var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
    {
        ImageId = "ami-02b92c281a4d3dc79",
        KeyName = newKeyPair.Id,
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		newKeyPair, err := ec2.NewKeyPair(ctx, "newKeyPair", &ec2.KeyPairArgs{
			KeyName: pulumi.String("MyKeyPair"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
			ImageId: pulumi.String("ami-02b92c281a4d3dc79"),
			KeyName: newKeyPair.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const newKeyPair = new aws_native.ec2.KeyPair("newKeyPair", {keyName: "MyKeyPair"});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
    imageId: "ami-02b92c281a4d3dc79",
    keyName: newKeyPair.id,
});

import pulumi
import pulumi_aws_native as aws_native

new_key_pair = aws_native.ec2.KeyPair("newKeyPair", key_name="MyKeyPair")
ec2_instance = aws_native.ec2.Instance("ec2Instance",
    image_id="ami-02b92c281a4d3dc79",
    key_name=new_key_pair.id)

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var importedKeyPair = new AwsNative.Ec2.KeyPair("importedKeyPair", new()
    {
        KeyName = "NameForMyImportedKeyPair",
        PublicKeyMaterial = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example",
    });

    var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
    {
        ImageId = "ami-02b92c281a4d3dc79",
        KeyName = importedKeyPair.Id,
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		importedKeyPair, err := ec2.NewKeyPair(ctx, "importedKeyPair", &ec2.KeyPairArgs{
			KeyName:           pulumi.String("NameForMyImportedKeyPair"),
			PublicKeyMaterial: pulumi.String("ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
			ImageId: pulumi.String("ami-02b92c281a4d3dc79"),
			KeyName: importedKeyPair.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const importedKeyPair = new aws_native.ec2.KeyPair("importedKeyPair", {
    keyName: "NameForMyImportedKeyPair",
    publicKeyMaterial: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example",
});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
    imageId: "ami-02b92c281a4d3dc79",
    keyName: importedKeyPair.id,
});

import pulumi
import pulumi_aws_native as aws_native

imported_key_pair = aws_native.ec2.KeyPair("importedKeyPair",
    key_name="NameForMyImportedKeyPair",
    public_key_material="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example")
ec2_instance = aws_native.ec2.Instance("ec2Instance",
    image_id="ami-02b92c281a4d3dc79",
    key_name=imported_key_pair.id)

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var importedKeyPair = new AwsNative.Ec2.KeyPair("importedKeyPair", new()
    {
        KeyName = "NameForMyImportedKeyPair",
        PublicKeyMaterial = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example",
    });

    var ec2Instance = new AwsNative.Ec2.Instance("ec2Instance", new()
    {
        ImageId = "ami-02b92c281a4d3dc79",
        KeyName = importedKeyPair.Id,
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		importedKeyPair, err := ec2.NewKeyPair(ctx, "importedKeyPair", &ec2.KeyPairArgs{
			KeyName:           pulumi.String("NameForMyImportedKeyPair"),
			PublicKeyMaterial: pulumi.String("ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInstance(ctx, "ec2Instance", &ec2.InstanceArgs{
			ImageId: pulumi.String("ami-02b92c281a4d3dc79"),
			KeyName: importedKeyPair.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const importedKeyPair = new aws_native.ec2.KeyPair("importedKeyPair", {
    keyName: "NameForMyImportedKeyPair",
    publicKeyMaterial: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example",
});
const ec2Instance = new aws_native.ec2.Instance("ec2Instance", {
    imageId: "ami-02b92c281a4d3dc79",
    keyName: importedKeyPair.id,
});

import pulumi
import pulumi_aws_native as aws_native

imported_key_pair = aws_native.ec2.KeyPair("importedKeyPair",
    key_name="NameForMyImportedKeyPair",
    public_key_material="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfp1F7DhdWZdqkYAUGCzcBsLmJeu9izpIyGpmmg7eCz example")
ec2_instance = aws_native.ec2.Instance("ec2Instance",
    image_id="ami-02b92c281a4d3dc79",
    key_name=imported_key_pair.id)

Coming soon!

Create KeyPair Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new KeyPair(name: string, args: KeyPairArgs, opts?: CustomResourceOptions);

@overload
def KeyPair(resource_name: str,
            args: KeyPairArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def KeyPair(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            key_name: Optional[str] = None,
            key_format: Optional[KeyPairKeyFormat] = None,
            key_type: Optional[KeyPairKeyType] = None,
            public_key_material: Optional[str] = None,
            tags: Optional[Sequence[_root_inputs.CreateOnlyTagArgs]] = None)

func NewKeyPair(ctx *Context, name string, args KeyPairArgs, opts ...ResourceOption) (*KeyPair, error)

public KeyPair(string name, KeyPairArgs args, CustomResourceOptions? opts = null)

public KeyPair(String name, KeyPairArgs args)
public KeyPair(String name, KeyPairArgs args, CustomResourceOptions options)

type: aws-native:ec2:KeyPair
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args KeyPairArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args KeyPairArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args KeyPairArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args KeyPairArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args KeyPairArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

KeyPair Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The KeyPair resource accepts the following input properties:

KeyName string: A unique name for the key pair. Constraints: Up to 255 ASCII characters
KeyFormat Pulumi.AwsNative.Ec2.KeyPairKeyFormat: The format of the key pair. Default: pem
KeyType Pulumi.AwsNative.Ec2.KeyPairKeyType: The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
PublicKeyMaterial string: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
Tags List<Pulumi.AwsNative.Inputs.CreateOnlyTag>: The tags to apply to the key pair.

KeyName string: A unique name for the key pair. Constraints: Up to 255 ASCII characters
KeyFormat KeyPairKeyFormat: The format of the key pair. Default: pem
KeyType KeyPairKeyType: The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
PublicKeyMaterial string: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
Tags CreateOnlyTagArgs: The tags to apply to the key pair.

keyName String: A unique name for the key pair. Constraints: Up to 255 ASCII characters
keyFormat KeyPairKeyFormat: The format of the key pair. Default: pem
keyType KeyPairKeyType: The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
publicKeyMaterial String: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
tags List<CreateOnlyTag>: The tags to apply to the key pair.

keyName string: A unique name for the key pair. Constraints: Up to 255 ASCII characters
keyFormat KeyPairKeyFormat: The format of the key pair. Default: pem
keyType KeyPairKeyType: The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
publicKeyMaterial string: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
tags CreateOnlyTag[]: The tags to apply to the key pair.

key_name str: A unique name for the key pair. Constraints: Up to 255 ASCII characters
key_format KeyPairKeyFormat: The format of the key pair. Default: pem
key_type KeyPairKeyType: The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
public_key_material str: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
tags Sequence[CreateOnlyTagArgs]: The tags to apply to the key pair.

keyName String: A unique name for the key pair. Constraints: Up to 255 ASCII characters
keyFormat "pem" | "ppk": The format of the key pair. Default: pem
keyType "rsa" | "ed25519": The type of key pair. Note that ED25519 keys are not supported for Windows instances. If the PublicKeyMaterial property is specified, the KeyType property is ignored, and the key type is inferred from the PublicKeyMaterial value. Default: rsa
publicKeyMaterial String: The public key material. The PublicKeyMaterial property is used to import a key pair. If this property is not specified, then a new key pair will be created.
tags List<Property Map>: The tags to apply to the key pair.

Outputs

All input properties are implicitly available as output properties. Additionally, the KeyPair resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

KeyFingerprint string

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

KeyPairId string

The ID of the key pair.

Id string

The provider-assigned unique ID for this managed resource.

KeyFingerprint string

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

KeyPairId string

The ID of the key pair.

id String

The provider-assigned unique ID for this managed resource.

keyFingerprint String

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

keyPairId String

The ID of the key pair.

id string

The provider-assigned unique ID for this managed resource.

keyFingerprint string

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

keyPairId string

The ID of the key pair.

id str

The provider-assigned unique ID for this managed resource.

key_fingerprint str

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

key_pair_id str

The ID of the key pair.

id String

The provider-assigned unique ID for this managed resource.

keyFingerprint String

If you created the key pair using Amazon EC2:

For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

If you imported the key pair to Amazon EC2:

For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8 .

keyPairId String

The ID of the key pair.

Supporting Types

CreateOnlyTag
, CreateOnlyTagArgs

Key string: The key name of the tag
Value string: The value of the tag

Key string: The key name of the tag
Value string: The value of the tag

key String: The key name of the tag
value String: The value of the tag

key string: The key name of the tag
value string: The value of the tag

key str: The key name of the tag
value str: The value of the tag

key String: The key name of the tag
value String: The value of the tag

KeyPairKeyFormat
, KeyPairKeyFormatArgs

Pem: pem
Ppk: ppk

KeyPairKeyFormatPem: pem
KeyPairKeyFormatPpk: ppk

Pem: pem
Ppk: ppk

Pem: pem
Ppk: ppk

PEM: pem
PPK: ppk

"pem": pem
"ppk": ppk

KeyPairKeyType
, KeyPairKeyTypeArgs

Rsa: rsa
Ed25519: ed25519

KeyPairKeyTypeRsa: rsa
KeyPairKeyTypeEd25519: ed25519

Rsa: rsa
Ed25519: ed25519

Rsa: rsa
Ed25519: ed25519

RSA: rsa
ED25519: ed25519

"rsa": rsa
"ed25519": ed25519

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.ec2.KeyPair

On this page

On this page

Example Usage

Example

Example

Example

Example

Create KeyPair Resource

Constructor syntax

Parameters

KeyPair Resource Properties

Inputs

Outputs

Supporting Types

CreateOnlyTag
, CreateOnlyTagArgs

KeyPairKeyFormat
, KeyPairKeyFormatArgs

KeyPairKeyType
, KeyPairKeyTypeArgs

Package Details

On this page

On this page

aws-native.ec2.KeyPair

On this page

On this page

Example Usage

Example

Example

Example

Example

Create KeyPair Resource

Constructor syntax

Parameters

KeyPair Resource Properties

Inputs

Outputs

Supporting Types

CreateOnlyTag, CreateOnlyTagArgs

KeyPairKeyFormat, KeyPairKeyFormatArgs

KeyPairKeyType, KeyPairKeyTypeArgs

Package Details

On this page

On this page

CreateOnlyTag
, CreateOnlyTagArgs

KeyPairKeyFormat
, KeyPairKeyFormatArgs

KeyPairKeyType
, KeyPairKeyTypeArgs