InterfaceVpcEndpointProps

class aws_cdk.aws_ec2.InterfaceVpcEndpointProps(*, service, lookup_supported_azs=None, open=None, private_dns_enabled=None, security_groups=None, subnets=None, vpc)

Bases: aws_cdk.aws_ec2.InterfaceVpcEndpointOptions

Construction properties for an InterfaceVpcEndpoint.

Parameters

  • service (IInterfaceVpcEndpointService) – The service to use for this interface VPC endpoint.

  • lookup_supported_azs (Optional[bool]) – Limit to only those availability zones where the endpoint service can be created. Setting this to ‘true’ requires a lookup to be performed at synthesis time. Account and region must be set on the containing stack for this to work. Default: false

  • open (Optional[bool]) – Whether to automatically allow VPC traffic to the endpoint. If enabled, all traffic to the endpoint from within the VPC will be automatically allowed. This is done based on the VPC’s CIDR range. Default: true

  • private_dns_enabled (Optional[bool]) – Whether to associate a private hosted zone with the specified VPC. This allows you to make requests to the service using its default DNS hostname. Default: set by the instance of IInterfaceVpcEndpointService, or true if not defined by the instance of IInterfaceVpcEndpointService

  • security_groups (Optional[List[ISecurityGroup]]) – The security groups to associate with this interface VPC endpoint. Default: - a new security group is created

  • subnets (Optional[SubnetSelection]) – The subnets in which to create an endpoint network interface. At most one per availability zone. Default: - private subnets

  • vpc (IVpc) – The VPC network in which the interface endpoint will be used.

Attributes

lookup_supported_azs

Limit to only those availability zones where the endpoint service can be created.

Setting this to ‘true’ requires a lookup to be performed at synthesis time. Account and region must be set on the containing stack for this to work.

Default

false

Return type

Optional[bool]

open

Whether to automatically allow VPC traffic to the endpoint.

If enabled, all traffic to the endpoint from within the VPC will be automatically allowed. This is done based on the VPC’s CIDR range.

Default

true

Return type

Optional[bool]

private_dns_enabled

Whether to associate a private hosted zone with the specified VPC.

This allows you to make requests to the service using its default DNS hostname.

Default

set by the instance of IInterfaceVpcEndpointService, or true if not defined by the instance of IInterfaceVpcEndpointService

Return type

Optional[bool]

security_groups

The security groups to associate with this interface VPC endpoint.

Default

  • a new security group is created

Return type

Optional[List[ISecurityGroup]]

service

The service to use for this interface VPC endpoint.

Return type

IInterfaceVpcEndpointService

subnets

The subnets in which to create an endpoint network interface.

At most one per availability zone.

Default

  • private subnets

Return type

Optional[SubnetSelection]

vpc

The VPC network in which the interface endpoint will be used.

Return type

IVpc