NatInstanceProvider¶
-
class
aws_cdk.aws_ec2.
NatInstanceProvider
(*, instance_type, allow_all_traffic=None, key_name=None, machine_image=None, security_group=None)¶ Bases:
aws_cdk.aws_ec2.NatProvider
NAT provider which uses NAT Instances.
- Parameters
instance_type (
InstanceType
) – (experimental) Instance type of the NAT instance.allow_all_traffic (
Optional
[bool
]) – (experimental) Allow all traffic through the NAT instance. If you set this to false, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using thesecurityGroup
property, or by configuring it using the.securityGroup
or.connections
members after passing the NAT Instance Provider to a Vpc. Default: truekey_name (
Optional
[str
]) – (experimental) Name of SSH keypair to grant access to instance. Default: - No SSH access will be possible.machine_image (
Optional
[IMachineImage
]) – (experimental) The machine image (AMI) to use. By default, will do an AMI lookup for the latest NAT instance image. If you have a specific AMI ID you want to use, pass aGenericLinuxImage
. For example:: ec2.NatProvider.instance({ instanceType: new ec2.InstanceType(‘t3.micro’), machineImage: new ec2.GenericLinuxImage({ ‘us-east-2’: ‘ami-0f9c61b5a562a16af’ }) }) Default: - Latest NAT instance imagesecurity_group (
Optional
[ISecurityGroup
]) – (experimental) Security Group for NAT instances. Default: - A new security group will be created
Methods
-
configure_nat
(*, nat_subnets, private_subnets, vpc)¶ Called by the VPC to configure NAT.
Don’t call this directly, the VPC will call it automatically.
- Parameters
nat_subnets (
List
[PublicSubnet
]) – (experimental) The public subnets where the NAT providers need to be placed.private_subnets (
List
[PrivateSubnet
]) – (experimental) The private subnets that need to route through the NAT providers. There may be more private subnets than public subnets with NAT providers.vpc (
Vpc
) – (experimental) The VPC we’re configuring NAT for.
- Return type
None
-
configure_subnet
(subnet)¶ Configures subnet with the gateway.
Don’t call this directly, the VPC will call it automatically.
- Parameters
subnet (
PrivateSubnet
) –- Return type
None
Attributes
-
configured_gateways
¶ Return list of gateways spawned by the provider.
- Return type
List
[GatewayConfig
]
-
connections
¶ Manage the Security Groups associated with the NAT instances.
- Return type
-
security_group
¶ The Security Group associated with the NAT instances.
- Return type
Static Methods
-
classmethod
gateway
()¶ (experimental) Use NAT Gateways to provide NAT services for your VPC.
NAT gateways are managed by AWS.
- See
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
- Stability
experimental
- Return type
-
classmethod
instance
(*, instance_type, allow_all_traffic=None, key_name=None, machine_image=None, security_group=None)¶ (experimental) Use NAT instances to provide NAT services for your VPC.
NAT instances are managed by you, but in return allow more configuration.
Be aware that instances created using this provider will not be automatically replaced if they are stopped for any reason. You should implement your own NatProvider based on AutoScaling groups if you need that.
- Parameters
instance_type (
InstanceType
) – (experimental) Instance type of the NAT instance.allow_all_traffic (
Optional
[bool
]) – (experimental) Allow all traffic through the NAT instance. If you set this to false, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using thesecurityGroup
property, or by configuring it using the.securityGroup
or.connections
members after passing the NAT Instance Provider to a Vpc. Default: truekey_name (
Optional
[str
]) – (experimental) Name of SSH keypair to grant access to instance. Default: - No SSH access will be possible.machine_image (
Optional
[IMachineImage
]) – (experimental) The machine image (AMI) to use. By default, will do an AMI lookup for the latest NAT instance image. If you have a specific AMI ID you want to use, pass aGenericLinuxImage
. For example:: ec2.NatProvider.instance({ instanceType: new ec2.InstanceType(‘t3.micro’), machineImage: new ec2.GenericLinuxImage({ ‘us-east-2’: ‘ami-0f9c61b5a562a16af’ }) }) Default: - Latest NAT instance imagesecurity_group (
Optional
[ISecurityGroup
]) – (experimental) Security Group for NAT instances. Default: - A new security group will be created
- See
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html
- Stability
experimental
- Return type