class aws_cdk.aws_ec2.VpcEndpoint(scope, id, *, account=None, environment_from_arn=None, physical_name=None, region=None)

Bases: Resource

  • scope (Construct) –

  • id (str) –

  • account (Optional[str]) – The AWS account ID this resource belongs to. Default: - the resource is in the same account as the stack it belongs to

  • environment_from_arn (Optional[str]) – ARN to deduce region and account from. The ARN is parsed and the account and region are taken from the ARN. This should be used for imported resources. Cannot be supplied together with either account or region. Default: - take environment from account, region parameters, or use Stack environment.

  • physical_name (Optional[str]) – The value passed in by users to the physical name prop of the resource. - undefined implies that a physical name will be allocated by CloudFormation during deployment. - a concrete value implies a specific physical name - PhysicalName.GENERATE_IF_NEEDED is a marker that indicates that a physical will only be generated by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation. Default: - The physical name will be allocated by CloudFormation at deployment time

  • region (Optional[str]) – The AWS region this resource belongs to. Default: - the resource is in the same region as the stack it belongs to



Adds a statement to the policy document of the VPC endpoint. The statement must have a Principal.

Not all interface VPC endpoints support policy. For more information see https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html


statement (PolicyStatement) – the IAM statement to add.

Return type:



Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


policy (RemovalPolicy) –

Return type:



Returns a string representation of this construct.

Return type:




The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


The construct tree node associated with this construct.


The stack in which this resource is defined.


The VPC endpoint identifier.

Static Methods

classmethod is_construct(x)

Return whether the given object is a Construct.


x (Any) –

Return type:


classmethod is_resource(construct)

Check whether the given construct is a Resource.


construct (IConstruct) –

Return type: