BastionHostLinuxProps

class aws_cdk.aws_ec2.BastionHostLinuxProps(*, vpc, availability_zone=None, block_devices=None, instance_name=None, instance_type=None, machine_image=None, security_group=None, subnet_selection=None)

Bases: object

Properties of the bastion host.

Parameters
  • vpc (IVpc) – VPC to launch the instance in.

  • availability_zone (Optional[str]) – In which AZ to place the instance within the VPC. Default: - Random zone.

  • block_devices (Optional[Sequence[BlockDevice]]) – Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched. Default: - Uses the block device mapping of the AMI

  • instance_name (Optional[str]) – The name of the instance. Default: ‘BastionHost’

  • instance_type (Optional[InstanceType]) – Type of instance to launch. Default: ‘t3.nano’

  • machine_image (Optional[IMachineImage]) – The machine image to use, assumed to have SSM Agent preinstalled. Default: - An Amazon Linux 2 image which is kept up-to-date automatically (the instance may be replaced on every deployment) and already has SSM Agent installed.

  • security_group (Optional[ISecurityGroup]) – Security Group to assign to this instance. Default: - create new security group with no inbound and all outbound traffic allowed

  • subnet_selection (Optional[SubnetSelection]) – Select the subnets to run the bastion host in. Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field Default: - private subnets of the supplied VPC

Attributes

availability_zone

In which AZ to place the instance within the VPC.

Default
  • Random zone.

Return type

Optional[str]

block_devices

Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.

Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched.

Default
  • Uses the block device mapping of the AMI

See

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html

Return type

Optional[List[BlockDevice]]

instance_name

The name of the instance.

Default

‘BastionHost’

Return type

Optional[str]

instance_type

Type of instance to launch.

Default

‘t3.nano’

Return type

Optional[InstanceType]

machine_image

The machine image to use, assumed to have SSM Agent preinstalled.

Default

  • An Amazon Linux 2 image which is kept up-to-date automatically (the instance

may be replaced on every deployment) and already has SSM Agent installed.

Return type

Optional[IMachineImage]

security_group

Security Group to assign to this instance.

Default
  • create new security group with no inbound and all outbound traffic allowed

Return type

Optional[ISecurityGroup]

subnet_selection

Select the subnets to run the bastion host in.

Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field

Default
  • private subnets of the supplied VPC

Return type

Optional[SubnetSelection]

vpc

VPC to launch the instance in.

Return type

IVpc