CfnResolverEndpointProps
- class aws_cdk.aws_route53resolver.CfnResolverEndpointProps(*, direction, ip_addresses, security_group_ids, name=None, outpost_arn=None, preferred_instance_type=None, protocols=None, resolver_endpoint_type=None, tags=None)
Bases:
objectProperties for defining a
CfnResolverEndpoint.- Parameters:
direction (
str) – Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:. -INBOUND: allows DNS queries to your VPC from your network -OUTBOUND: allows DNS queries from your VPC to your networkip_addresses (
Union[IResolvable,Sequence[Union[IResolvable,IpAddressRequestProperty,Dict[str,Any]]]]) – The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. .. epigraph:: Even though the minimum is 1, Route 53 requires that you create at least two.security_group_ids (
Sequence[str]) – The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you’re using for DNS queries on your network.name (
Optional[str]) – A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.outpost_arn (
Optional[str]) – The ARN (Amazon Resource Name) for the Outpost.preferred_instance_type (
Optional[str]) – The Amazon EC2 instance type.protocols (
Optional[Sequence[str]]) – Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only. For an inbound endpoint you can apply the protocols as follows: - Do53 and DoH in combination. - Do53 and DoH-FIPS in combination. - Do53 alone. - DoH alone. - DoH-FIPS alone. - None, which is treated as Do53. For an outbound endpoint you can apply the protocols as follows: - Do53 and DoH in combination. - Do53 alone. - DoH alone. - None, which is treated as Do53.resolver_endpoint_type (
Optional[str]) – The Resolver endpoint IP address type.tags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]]) – Route 53 Resolver doesn’t support updating tags through CloudFormation.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_route53resolver as route53resolver cfn_resolver_endpoint_props = route53resolver.CfnResolverEndpointProps( direction="direction", ip_addresses=[route53resolver.CfnResolverEndpoint.IpAddressRequestProperty( subnet_id="subnetId", # the properties below are optional ip="ip", ipv6="ipv6" )], security_group_ids=["securityGroupIds"], # the properties below are optional name="name", outpost_arn="outpostArn", preferred_instance_type="preferredInstanceType", protocols=["protocols"], resolver_endpoint_type="resolverEndpointType", tags=[CfnTag( key="key", value="value" )] )
Attributes
- direction
.
INBOUND: allows DNS queries to your VPC from your networkOUTBOUND: allows DNS queries from your VPC to your network
- See:
- Type:
Indicates whether the Resolver endpoint allows inbound or outbound DNS queries
- ip_addresses
The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints).
The subnet ID uniquely identifies a VPC. .. epigraph:
Even though the minimum is 1, Route 53 requires that you create at least two.
- name
A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.
- outpost_arn
The ARN (Amazon Resource Name) for the Outpost.
- preferred_instance_type
The Amazon EC2 instance type.
- protocols
Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only.
For an inbound endpoint you can apply the protocols as follows:
Do53 and DoH in combination.
Do53 and DoH-FIPS in combination.
Do53 alone.
DoH alone.
DoH-FIPS alone.
None, which is treated as Do53.
For an outbound endpoint you can apply the protocols as follows:
Do53 and DoH in combination.
Do53 alone.
DoH alone.
None, which is treated as Do53.
- resolver_endpoint_type
The Resolver endpoint IP address type.
- security_group_ids
The ID of one or more security groups that control access to this VPC.
The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you’re using for DNS queries on your network.
- tags
Route 53 Resolver doesn’t support updating tags through CloudFormation.