CfnVPCEndpointProps

class aws_cdk.aws_ec2.CfnVPCEndpointProps(*, service_name, vpc_id, policy_document=None, private_dns_enabled=None, route_table_ids=None, security_group_ids=None, subnet_ids=None, vpc_endpoint_type=None)

Bases: object

Properties for defining a CfnVPCEndpoint.

Parameters
  • service_name (str) – The service name. To get a list of available services, use the DescribeVpcEndpointServices request, or get the name from the service provider.

  • vpc_id (str) – The ID of the VPC in which the endpoint will be used.

  • policy_document (Optional[Any]) – (Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. If this parameter is not specified, we attach a default policy that allows full access to the service. For CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation converts YAML policies to JSON format before calling the API to create or modify the VPC endpoint.

  • private_dns_enabled (Union[bool, IResolvable, None]) – (Interface endpoint) Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, kinesis.us-east-1.amazonaws.com) which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service. To use a private hosted zone, you must set the following VPC attributes to true: enableDnsHostnames and enableDnsSupport. Default: false

  • route_table_ids (Optional[Sequence[str]]) – (Gateway endpoint) One or more route table IDs.

  • security_group_ids (Optional[Sequence[str]]) – (Interface endpoint) The ID of one or more security groups to associate with the endpoint network interface.

  • subnet_ids (Optional[Sequence[str]]) – (Interface and Gateway Load Balancer endpoints) The ID of one or more subnets in which to create an endpoint network interface. For a Gateway Load Balancer endpoint, you can specify one subnet only.

  • vpc_endpoint_type (Optional[str]) – The type of endpoint. Default: Gateway

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_ec2 as ec2

# policy_document: Any
policy_document = {}  # placeholder: replace with your endpoint policy document

cfn_vPCEndpoint_props = ec2.CfnVPCEndpointProps(
    service_name="serviceName",
    vpc_id="vpcId",

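    # the properties below are optional
    policy_document=policy_document,          # Interface and gateway endpoints
    private_dns_enabled=False,                # Interface endpoints
    route_table_ids=["routeTableIds"],        # Gateway endpoints
    security_group_ids=["securityGroupIds"],  # Interface endpoints
    subnet_ids=["subnetIds"],                 # Interface and Gateway Load Balancer endpoints
    vpc_endpoint_type="vpcEndpointType"       # defaults to Gateway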
)
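
Because an omitted policy_document means a default policy that allows full access, a pre-synthesis check on the keyword arguments is useful. The following is an added example, not part of the CDK documentation or the generated example above: the function names, finding messages and sample values (placeholder IDs, example-bucket) are assumptions made for illustration, and it needs only the standard library.

```python
import json
# Properties the reference above ties to specific endpoint types.
TYPE_ONLY = {
    "route_table_ids": {"Gateway"}, "security_group_ids": {"Interface"},
    "private_dns_enabled": {"Interface"},
    "subnet_ids": {"Interface", "GatewayLoadBalancer"},
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_full_access(policy):
    """True if an unconditioned Allow covers all principals, actions and resources."""
    if isinstance(policy, str):
        policy = json.loads(policy)
    for st in _as_list(policy.get("Statement", [])):
        if (st.get("Effect") == "Allow" and st.get("Principal") in ("*", {"AWS": "*"})
                and "*" in _as_list(st.get("Action", []))
                and "*" in _as_list(st.get("Resource", []))
                and not st.get("Condition")):
            return True
    return False

def lint_endpoint_props(props):
    """Return findings for a dict of CfnVPCEndpointProps keyword arguments."""
    findings = []
    ep_type = props.get("vpc_endpoint_type") or "Gateway"  # documented default
    policy = props.get("policy_document")
    if ep_type in ("Interface", "Gateway"):
        if policy is None:
            findings.append("policy_document unset: default policy allows full access")
        elif is_full_access(policy):
            findings.append("policy_document is equivalent to full access")
    for name, types in TYPE_ONLY.items():
        if props.get(name) and ep_type not in types:
            findings.append(f"{name} does not apply to {ep_type} endpoints")
    if ep_type == "GatewayLoadBalancer" and len(props.get("subnet_ids") or []) > 1:
        findings.append("Gateway Load Balancer endpoint takes one subnet only")
    return findings

# Constructed sample values (placeholder IDs and bucket name).
RESTRICTED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-bucket/*"}]}
GOOD = dict(service_name="com.amazonaws.us-east-1.s3", vpc_id="vpc-EXAMPLE",
            route_table_ids=["rtb-EXAMPLE"], policy_document=RESTRICTED)
BAD = dict(service_name="com.amazonaws.us-east-1.s3", vpc_id="vpc-EXAMPLE",
           security_group_ids=["sg-EXAMPLE"])  # no policy, wrong-type property
```

A dict that lints clean can be passed on as ec2.CfnVPCEndpointProps(**GOOD); lint_endpoint_props(BAD) returns two findings, one for the missing policy and one for the interface-only property on a gateway endpoint.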

Attributes

policy_document

(Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service.

If this parameter is not specified, we attach a default policy that allows full access to the service.

For CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation converts YAML policies to JSON format before calling the API to create or modify the VPC endpoint.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-policydocument

Return type

Any

private_dns_enabled

(Interface endpoint) Indicate whether to associate a private hosted zone with the specified VPC.

The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, kinesis.us-east-1.amazonaws.com) which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.

To use a private hosted zone, you must set the following VPC attributes to true: enableDnsHostnames and enableDnsSupport.

Default: false

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-privatednsenabled

Return type

Union[bool, IResolvable, None]

route_table_ids

(Gateway endpoint) One or more route table IDs.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-routetableids

Return type

Optional[List[str]]

security_group_ids

(Interface endpoint) The ID of one or more security groups to associate with the endpoint network interface.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-securitygroupids

Return type

Optional[List[str]]

service_name

The service name.

To get a list of available services, use the DescribeVpcEndpointServices request, or get the name from the service provider.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-servicename

Return type

str

subnet_ids

(Interface and Gateway Load Balancer endpoints) The ID of one or more subnets in which to create an endpoint network interface.

For a Gateway Load Balancer endpoint, you can specify one subnet only.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-subnetids

Return type

Optional[List[str]]

vpc_endpoint_type

The type of endpoint.

Default: Gateway

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-vpcendpointtype

Return type

Optional[str]

vpc_id

The ID of the VPC in which the endpoint will be used.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#cfn-ec2-vpcendpoint-vpcid

Return type

str