BastionHostLinuxProps

class aws_cdk.aws_ec2.BastionHostLinuxProps(*, vpc, availability_zone=None, block_devices=None, instance_name=None, instance_type=None, machine_image=None, security_group=None, subnet_selection=None)

Bases: object

__init__(*, vpc, availability_zone=None, block_devices=None, instance_name=None, instance_type=None, machine_image=None, security_group=None, subnet_selection=None)

Properties of the bastion host.

Parameters
  • vpc (IVpc) – VPC to launch the instance in.

  • availability_zone (Optional[str]) – In which AZ to place the instance within the VPC. Default: - Random zone.

  • block_devices (Optional[List[BlockDevice]]) – Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched. Default: - Uses the block device mapping of the AMI

  • instance_name (Optional[str]) – The name of the instance. Default: ‘BastionHost’

  • instance_type (Optional[InstanceType]) – Type of instance to launch. Default: ‘t3.nano’

  • machine_image (Optional[IMachineImage]) – The machine image to use. Default: - An Amazon Linux 2 image which is kept up-to-date automatically (the instance may be replaced on every deployment).

  • security_group (Optional[ISecurityGroup]) – Security Group to assign to this instance. Default: - create new security group with no inbound and all outbound traffic allowed

  • subnet_selection (Optional[SubnetSelection]) – Select the subnets to run the bastion host in. Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field Default: - private subnets of the supplied VPC

stability :stability: experimental

Return type

None

Attributes

availability_zone

In which AZ to place the instance within the VPC.

default :default: - Random zone.

stability :stability: experimental

Return type

Optional[str]

block_devices

Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.

Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched.

default :default: - Uses the block device mapping of the AMI

see :see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html stability :stability: experimental

Return type

Optional[List[BlockDevice]]

instance_name

The name of the instance.

default :default: ‘BastionHost’

stability :stability: experimental

Return type

Optional[str]

instance_type

Type of instance to launch.

default :default: ‘t3.nano’

stability :stability: experimental

Return type

Optional[InstanceType]

machine_image

The machine image to use.

default :default:

  • An Amazon Linux 2 image which is kept up-to-date automatically (the instance may be replaced on every deployment).

stability :stability: experimental

Return type

Optional[IMachineImage]

security_group

Security Group to assign to this instance.

default :default: - create new security group with no inbound and all outbound traffic allowed

stability :stability: experimental

Return type

Optional[ISecurityGroup]

subnet_selection

Select the subnets to run the bastion host in.

Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field

default :default: - private subnets of the supplied VPC

stability :stability: experimental

Return type

Optional[SubnetSelection]

vpc

VPC to launch the instance in.

stability :stability: experimental

Return type

IVpc