class BastionHostLinux (construct)
This creates a linux bastion host you can use to connect to other instances or services in your VPC.
The recommended way to connect to the bastion host is by using AWS Systems Manager Session Manager.
The operating system is Amazon Linux 2 with the latest SSM agent installed
You can also configure this bastion host to allow connections via SSH
new BastionHostLinux(scope: Construct, id: string, props: BastionHostLinuxProps)
|vpc||VPC to launch the instance in.|
|availability||In which AZ to place the instance within the VPC.|
|instance||The name of the instance.|
|instance||Type of instance to launch.|
|security||Security Group to assign to this instance.|
|subnet||Select the subnets to run the bastion host in.|
VPC to launch the instance in.
(optional, default: Random zone.)
In which AZ to place the instance within the VPC.
(optional, default: 'BastionHost')
The name of the instance.
(optional, default: 't3.nano')
Type of instance to launch.
(optional, default: create new security group with no inbound and all outbound traffic allowed)
Security Group to assign to this instance.
(optional, default: private subnets of the supplied VPC)
Select the subnets to run the bastion host in.
Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field
|connections||Allows specify security group connections for the instance.|
|grant||The principal to grant permissions to.|
|instance||The underlying instance resource.|
|instance||The availability zone the instance was launched in.|
|instance||The instance's ID.|
|instance||Private DNS name for this instance.|
|instance||Private IP for this instance.|
|instance||Publicly-routable DNS name for this instance.|
|instance||Publicly-routable IP address for this instance.|
|node||Construct tree node which offers APIs for interacting with the construct tree.|
|role||The IAM role assumed by the instance.|
|stack||The stack in which this resource is defined.|
Allows specify security group connections for the instance.
The principal to grant permissions to.
The underlying instance resource.
The availability zone the instance was launched in.
The instance's ID.
Private DNS name for this instance.
Private IP for this instance.
Publicly-routable DNS name for this instance.
(May be an empty string if the instance does not have a public name).
Publicly-routable IP address for this instance.
(May be an empty string if the instance does not have a public IP).
Construct tree node which offers APIs for interacting with the construct tree.
The IAM role assumed by the instance.
The stack in which this resource is defined.
|allow||Allow SSH access from the given peer or peers.|
|to||Returns a string representation of this construct.|
Ssh Access From(...peer)
public allowSshAccessFrom(...peer: IPeer): void
Allow SSH access from the given peer or peers.
Necessary if you want to connect to the instance using ssh. If not called, you should use SSM Session Manager to connect to the instance.
public toString(): string
Returns a string representation of this construct.