Interface INatInstanceProps
Properties for a NAT instance.
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface INatInstanceProps
Syntax (vb)
Public Interface INatInstanceProps
Remarks
ExampleMetadata: infused
Examples
InstanceType instanceType;

var provider = NatProvider.InstanceV2(new NatInstanceProps {
    InstanceType = instanceType,
    DefaultAllowedTraffic = NatTrafficDirection.OUTBOUND_ONLY
});
new Vpc(this, "TheVPC", new VpcProps {
    NatGatewayProvider = provider
});
provider.Connections.AllowFrom(Peer.Ipv4("1.2.3.4/8"), Port.HTTP);
Synopsis
Properties
AssociatePublicIpAddress | Whether to associate a public IP address to the primary network interface attached to this instance.
CreditSpecification | Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).
DefaultAllowedTraffic | Direction to allow all traffic through the NAT instance by default.
InstanceType | Instance type of the NAT instance.
KeyName | (deprecated) Name of SSH keypair to grant access to instance.
KeyPair | The SSH keypair to grant access to the instance.
MachineImage | The machine image (AMI) to use.
SecurityGroup | (deprecated) Security Group for NAT instances.
UserData | Custom user data to run on the NAT instances.
Properties
AssociatePublicIpAddress
Whether to associate a public IP address to the primary network interface attached to this instance.
virtual Nullable<bool> AssociatePublicIpAddress { get; }
Property Value
System.
Remarks
Default: undefined - No public IP address associated
CreditSpecification
Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).
virtual Nullable<CpuCredits> CreditSpecification { get; }
Property Value
System.
Remarks
The unlimited CPU credit option is not supported for T3 instances with dedicated host (host) tenancy.
Default: - T2 instances are standard, while T3, T4g, and T3a instances are unlimited.
DefaultAllowedTraffic
Direction to allow all traffic through the NAT instance by default.
virtual Nullable<NatTrafficDirection> DefaultAllowedTraffic { get; }
Property Value
System.
Remarks
By default, inbound and outbound traffic is allowed.
If you set this to a value other than INBOUND_AND_OUTBOUND, you must
configure the NAT instance's security groups in another way, either by
passing in a fully configured Security Group using the securityGroup
property, or by configuring it using the .securityGroup or .connections
members after passing the NAT Instance Provider to a Vpc.
Default: NatTrafficDirection.INBOUND_AND_OUTBOUND
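The following check is an added example, not part of the CDK documentation or the project's own code. It synthesizes a VPC for each DefaultAllowedTraffic value and counts the security groups that end up with an ingress rule open to 0.0.0.0/0, using the Amazon.CDK.Assertions module; the class, method and stack names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.Assertions;
using Amazon.CDK.AWS.EC2;

public static class NatIngressCheck // hypothetical helper, not a CDK type
{
    // Synthesize a VPC whose NAT instances use the given DefaultAllowedTraffic.
    public static Template Synth(NatTrafficDirection direction)
    {
        var stack = new Stack(new App(), "NatCheckStack"); // hypothetical stack name
        var provider = NatProvider.InstanceV2(new NatInstanceProps {
            InstanceType = new InstanceType("t3.small"),
            DefaultAllowedTraffic = direction
        });
        new Vpc(stack, "Vpc", new VpcProps { NatGatewayProvider = provider });
        return Template.FromStack(stack);
    }

    // Count security groups with an inline ingress rule open to 0.0.0.0/0.
    // Rules emitted as separate AWS::EC2::SecurityGroupIngress resources are not covered.
    public static int WorldOpenIngressGroups(Template template)
    {
        var pattern = new Dictionary<string, object> {
            { "Properties", Match.ObjectLike(new Dictionary<string, object> {
                { "SecurityGroupIngress", Match.ArrayWith(new object[] {
                    Match.ObjectLike(new Dictionary<string, object> { { "CidrIp", "0.0.0.0/0" } })
                }) }
            }) }
        };
        return template.FindResources("AWS::EC2::SecurityGroup", pattern).Count;
    }

    public static void Main()
    {
        var directions = new[] {
            NatTrafficDirection.INBOUND_AND_OUTBOUND,
            NatTrafficDirection.OUTBOUND_ONLY,
            NatTrafficDirection.NONE
        };
        foreach (var direction in directions)
        {
            var open = WorldOpenIngressGroups(Synth(direction));
            Console.WriteLine($"{direction}: {open} security group(s) with ingress from 0.0.0.0/0");
        }
    }
}
```

The same count can be asserted in a unit test so that a change back to the permissive default fails the build.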
InstanceType
KeyName
(deprecated) Name of SSH keypair to grant access to instance.
virtual string KeyName { get; }
Property Value
System.
Remarks
Default: - No SSH access will be possible.
Stability: Deprecated
KeyPair
The SSH keypair to grant access to the instance.
virtual IKeyPair KeyPair { get; }
Property Value
Remarks
Default: - No SSH access will be possible.
MachineImage
The machine image (AMI) to use.
virtual IMachineImage MachineImage { get; }
Property Value
Remarks
By default, will do an AMI lookup for the latest NAT instance image.
If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:
NatProvider.Instance(new NatInstanceProps {
    InstanceType = new InstanceType("t3.micro"),
    MachineImage = new GenericLinuxImage(new Dictionary<string, string> {
        { "us-east-2", "ami-0f9c61b5a562a16af" }
    })
});
Default: - Latest NAT instance image
SecurityGroup
(deprecated) Security Group for NAT instances.
virtual ISecurityGroup SecurityGroup { get; }
Property Value
Remarks
Default: - A new security group will be created
Stability: Deprecated
Examples
// Start with no default rules on the NAT instances
var natGatewayProvider = NatProvider.InstanceV2(new NatInstanceProps {
    InstanceType = new InstanceType("t3.small"),
    DefaultAllowedTraffic = NatTrafficDirection.NONE
});
var vpc = new Vpc(this, "Vpc", new VpcProps { NatGatewayProvider = natGatewayProvider });

// Security group that permits outbound TCP 443 only
var securityGroup = new SecurityGroup(this, "SecurityGroup", new SecurityGroupProps {
    Vpc = vpc,
    AllowAllOutbound = false
});
securityGroup.AddEgressRule(Peer.AnyIpv4(), Port.Tcp(443));

// Attach the group to every NAT instance created by the provider
foreach (var gatewayInstance in natGatewayProvider.GatewayInstances)
{
    gatewayInstance.AddSecurityGroup(securityGroup);
}
UserData
Custom user data to run on the NAT instances.
virtual UserData UserData { get; }
Property Value
Remarks
Default: UserData.forLinux().addCommands(...NatInstanceProviderV2.DEFAULT_USER_DATA_COMMANDS); - Appropriate user data commands to initialize and configure the NAT instances
See: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#create-nat-ami