Class BastionHostLinuxProps
Properties of the bastion host.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class BastionHostLinuxProps : IBastionHostLinuxPropsSyntax (vb)
Public Class BastionHostLinuxProps Implements IBastionHostLinuxPropsRemarks
ExampleMetadata: fixture=with-vpc infused
Examples
var host = new BastionHostLinux(this, "BastionHost", new BastionHostLinuxProps {
Vpc = vpc,
BlockDevices = new [] { new BlockDevice {
DeviceName = "/dev/sdh",
Volume = BlockDeviceVolume.Ebs(10, new EbsDeviceOptions {
Encrypted = true
})
} }
});Synopsis
Constructors
| BastionHostLinuxProps() | Properties of the bastion host. |
Properties
| AvailabilityZone | In which AZ to place the instance within the VPC. |
| BlockDevices | Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. |
| Init | Apply the given CloudFormation Init configuration to the instance at startup. |
| InitOptions | Use the given options for applying CloudFormation Init. |
| InstanceName | The name of the instance. |
| InstanceType | Type of instance to launch. |
| MachineImage | The machine image to use, assumed to have SSM Agent preinstalled. |
| RequireImdsv2 | Whether IMDSv2 should be required on this instance. |
| SecurityGroup | Security Group to assign to this instance. |
| SubnetSelection | Select the subnets to run the bastion host in. |
| UserDataCausesReplacement | Determines whether changes to the UserData will force instance replacement. |
| Vpc | VPC to launch the instance in. |
Constructors
BastionHostLinuxProps()
Properties of the bastion host.
public BastionHostLinuxProps()Remarks
ExampleMetadata: fixture=with-vpc infused
Examples
var host = new BastionHostLinux(this, "BastionHost", new BastionHostLinuxProps {
Vpc = vpc,
BlockDevices = new [] { new BlockDevice {
DeviceName = "/dev/sdh",
Volume = BlockDeviceVolume.Ebs(10, new EbsDeviceOptions {
Encrypted = true
})
} }
});Properties
AvailabilityZone
In which AZ to place the instance within the VPC.
public string? AvailabilityZone { get; set; }Property Value
Remarks
Default: - Random zone.
BlockDevices
Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.
public IBlockDevice[]? BlockDevices { get; set; }Property Value
Remarks
Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched.
Default: - Uses the block device mapping of the AMI
See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html
Init
Apply the given CloudFormation Init configuration to the instance at startup.
public CloudFormationInit? Init { get; set; }Property Value
Remarks
Default: - no CloudFormation init
InitOptions
Use the given options for applying CloudFormation Init.
public IApplyCloudFormationInitOptions? InitOptions { get; set; }Property Value
IApplyCloudFormationInitOptions
Remarks
Describes the configsets to use and the timeout to wait
Default: - default options
InstanceName
The name of the instance.
public string? InstanceName { get; set; }Property Value
Remarks
Default: 'BastionHost'
InstanceType
Type of instance to launch.
public InstanceType? InstanceType { get; set; }Property Value
Remarks
Default: 't3.nano'
MachineImage
The machine image to use, assumed to have SSM Agent preinstalled.
public IMachineImage? MachineImage { get; set; }Property Value
Remarks
Default: - An Amazon Linux 2023 image if the @aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault feature flag is enabled. Otherwise, an Amazon Linux 2 image. In both cases, the image is kept up-to-date automatically (the instance
may be replaced on every deployment) and already has SSM Agent installed.
RequireImdsv2
Whether IMDSv2 should be required on this instance.
public bool? RequireImdsv2 { get; set; }Property Value
bool?
Remarks
Default: - false
SecurityGroup
Security Group to assign to this instance.
public ISecurityGroup? SecurityGroup { get; set; }Property Value
Remarks
Default: - create new security group with no inbound and all outbound traffic allowed
SubnetSelection
Select the subnets to run the bastion host in.
public ISubnetSelection? SubnetSelection { get; set; }Property Value
Remarks
Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field
Default: - private subnets of the supplied VPC
UserDataCausesReplacement
Determines whether changes to the UserData will force instance replacement.
public bool? UserDataCausesReplacement { get; set; }Property Value
bool?
Remarks
Depending on the EC2 instance type, modifying the UserData may either restart or replace the instance:
Note that by default, restarting does not execute the updated UserData, so an alternative mechanism is needed to ensure the instance re-executes the UserData.
When set to true, the instance's Logical ID will depend on the UserData, causing
CloudFormation to replace the instance if the UserData changes.
Default: - true if initOptions is specified, otherwise false.
Vpc
VPC to launch the instance in.
public IVpc Vpc { get; set; }Property Value
Remarks
ExampleMetadata: fixture=with-vpc infused