
Interface IVpcProps

Configuration for Vpc.

Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IVpcProps
Syntax (vb)
Public Interface IVpcProps
Remarks

ExampleMetadata: infused

Examples
// VPC with a single public subnet group and no NAT gateways.
// Cidr is deprecated; IpAddresses is its replacement.
var vpc = new Vpc(this, "VPC", new VpcProps {
    Cidr = "10.0.0.0/16",
    NatGateways = 0,
    MaxAzs = 3,
    SubnetConfiguration = new [] { new SubnetConfiguration {
        Name = "public-subnet-1",
        SubnetType = SubnetType.PUBLIC,
        CidrMask = 24
    } }
});

// Instance placed in the public subnet group, with a public IP address.
var instance = new Instance(this, "Instance", new InstanceProps {
    Vpc = vpc,
    VpcSubnets = new SubnetSelection { SubnetGroupName = "public-subnet-1" },
    InstanceType = InstanceType.Of(InstanceClass.T3, InstanceSize.NANO),
    MachineImage = new AmazonLinuxImage(new AmazonLinuxImageProps { Generation = AmazonLinuxGeneration.AMAZON_LINUX_2 }),
    DetailedMonitoring = true,
    AssociatePublicIpAddress = true
});

Synopsis

Properties

AvailabilityZones

Availability zones this VPC spans.

Cidr

(deprecated) The CIDR range to use for the VPC, e.g. '10.0.0.0/16'.

CreateInternetGateway

If set to false then disable the creation of the default internet gateway.

DefaultInstanceTenancy

The default tenancy of instances launched into the VPC.

EnableDnsHostnames

Indicates whether the instances launched in the VPC get public DNS hostnames.

EnableDnsSupport

Indicates whether the DNS resolution is supported for the VPC.

FlowLogs

Flow logs to add to this VPC.

GatewayEndpoints

Gateway endpoints to add to this VPC.

IpAddresses

The Provider to use to allocate IPv4 Space to your VPC.

IpProtocol

The protocol of the VPC.

Ipv6Addresses

The Provider to use to allocate IPv6 Space to your VPC.

MaxAzs

Define the maximum number of AZs to use in this region.

NatGatewayProvider

What type of NAT provider to use.

NatGatewaySubnets

Configures the subnets which will have NAT Gateways/Instances.

NatGateways

The number of NAT Gateways/Instances to create.

ReservedAzs

Define the number of AZs to reserve.

RestrictDefaultSecurityGroup

If set to true then the default inbound & outbound rules will be removed from the default security group.

SubnetConfiguration

Configure the subnets to build for each AZ.

VpcName

The VPC name.

VpnConnections

VPN connections to this VPC.

VpnGateway

Indicates whether a VPN gateway should be created and attached to this VPC.

VpnGatewayAsn

The private Autonomous System Number (ASN) for the VPN gateway.

VpnRoutePropagation

Where to propagate VPN routes.

Properties

AvailabilityZones

Availability zones this VPC spans.

string[]? AvailabilityZones { get; }
Property Value

string[]

Remarks

Specify this option only if you do not specify maxAzs.

Default: - a subset of AZs of the stack

Cidr

(deprecated) The CIDR range to use for the VPC, e.g. '10.0.0.0/16'.

[Obsolete("Use ipAddresses instead")]
string? Cidr { get; }
Property Value

string

Remarks

Should be a minimum of /28 and maximum size of /16. The range will be split across all subnets per Availability Zone.

Default: Vpc.DEFAULT_CIDR_RANGE

Stability: Deprecated

CreateInternetGateway

If set to false then disable the creation of the default internet gateway.

bool? CreateInternetGateway { get; }
Property Value

bool?

Remarks

Default: true

DefaultInstanceTenancy

The default tenancy of instances launched into the VPC.

DefaultInstanceTenancy? DefaultInstanceTenancy { get; }
Property Value

DefaultInstanceTenancy?

Remarks

By setting this to dedicated tenancy, instances will be launched on hardware dedicated to a single AWS customer, unless specified otherwise at instance launch time. Note that not all instance types are usable with dedicated tenancy.

Default: DefaultInstanceTenancy.Default (shared) tenancy

EnableDnsHostnames

Indicates whether the instances launched in the VPC get public DNS hostnames.

bool? EnableDnsHostnames { get; }
Property Value

bool?

Remarks

If this attribute is true, instances in the VPC get public DNS hostnames, but only if the enableDnsSupport attribute is also set to true.

Default: true

EnableDnsSupport

Indicates whether the DNS resolution is supported for the VPC.

bool? EnableDnsSupport { get; }
Property Value

bool?

Remarks

If this attribute is false, the Amazon-provided DNS server in the VPC that resolves public DNS hostnames to IP addresses is not enabled. If this attribute is true, queries to the Amazon-provided DNS server at the 169.254.169.253 IP address, or at the reserved IP address at the base of the VPC IPv4 network range plus two, will succeed.

Default: true

FlowLogs

Flow logs to add to this VPC.

IDictionary<string, IFlowLogOptions>? FlowLogs { get; }
Property Value

IDictionary<string, IFlowLogOptions>

Remarks

Default: - No flow logs.

GatewayEndpoints

Gateway endpoints to add to this VPC.

IDictionary<string, IGatewayVpcEndpointOptions>? GatewayEndpoints { get; }
Property Value

IDictionary<string, IGatewayVpcEndpointOptions>

Remarks

Default: - None.

IpAddresses

The Provider to use to allocate IPv4 Space to your VPC.

IIpAddresses? IpAddresses { get; }
Property Value

IIpAddresses

Remarks

Options include static allocation or from a pool.

Note this is specific to IPv4 addresses.

Default: ec2.IpAddresses.cidr

IpProtocol

The protocol of the VPC.

IpProtocol? IpProtocol { get; }
Property Value

IpProtocol?

Remarks

Options are IPv4 only or dual stack.

Default: IpProtocol.IPV4_ONLY

Ipv6Addresses

The Provider to use to allocate IPv6 Space to your VPC.

IIpv6Addresses? Ipv6Addresses { get; }
Property Value

IIpv6Addresses

Remarks

Options include an Amazon-provided CIDR block.

Note this is specific to IPv6 addresses.

Default: Ipv6Addresses.amazonProvided

MaxAzs

Define the maximum number of AZs to use in this region.

double? MaxAzs { get; }
Property Value

double?

Remarks

If the region has more AZs than you want to use (for example, because of EIP limits), pick a lower number here. The AZs will be sorted and picked from the start of the list.

If you pick a higher number than the number of AZs in the region, all AZs in the region will be selected. To use "all AZs" available to your account, use a high number (such as 99).

Be aware that environment-agnostic stacks will be created with access to only 2 AZs, so to use more than 2 AZs, be sure to specify the account and region on your stack.

Specify this option only if you do not specify availabilityZones.

Default: 3

NatGatewayProvider

What type of NAT provider to use.

NatProvider? NatGatewayProvider { get; }
Property Value

NatProvider

Remarks

Select between NAT gateways or NAT instances. NAT gateways may not be available in all AWS regions.

Default: NatProvider.gateway()

NatGatewaySubnets

Configures the subnets which will have NAT Gateways/Instances.

ISubnetSelection? NatGatewaySubnets { get; }
Property Value

ISubnetSelection

Remarks

You can pick a specific group of subnets by specifying the group name; the picked subnets must be public subnets.

Only necessary if you have more than one public subnet group.

Default: - All public subnets.

NatGateways

The number of NAT Gateways/Instances to create.

double? NatGateways { get; }
Property Value

double?

Remarks

The type of NAT gateway or instance will be determined by the natGatewayProvider parameter.

You can set this number lower than the number of Availability Zones in your VPC in order to save on NAT cost. Be aware you may be charged for cross-AZ data traffic instead.

Default: - One NAT gateway/instance per Availability Zone

ReservedAzs

Define the number of AZs to reserve.

double? ReservedAzs { get; }
Property Value

double?

Remarks

When specified, the IP space is reserved for the AZs but no actual resources are provisioned.

Default: 0

RestrictDefaultSecurityGroup

If set to true then the default inbound & outbound rules will be removed from the default security group.

bool? RestrictDefaultSecurityGroup { get; }
Property Value

bool?

Remarks

Default: true if '@aws-cdk/aws-ec2:restrictDefaultSecurityGroup' is enabled, false otherwise
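
The following is an added example, not part of the original reference or the CDK project's own samples. It combines the security-relevant properties on this page (RestrictDefaultSecurityGroup, FlowLogs, GatewayEndpoints, and IpAddresses in place of the deprecated Cidr) in one VpcProps; the stack name, construct IDs, subnet group names and address range are assumptions chosen for illustration.

```csharp
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Constructs;

// Hypothetical stack; only the VpcProps values are the point of the example.
public class HardenedVpcStack : Stack
{
    public HardenedVpcStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        new Vpc(this, "HardenedVpc", new VpcProps {
            // Replacement for the deprecated Cidr property.
            IpAddresses = IpAddresses.Cidr("10.0.0.0/16"),
            MaxAzs = 2,

            // Set explicitly so the default inbound and outbound rules are
            // removed from the default security group even when the
            // '@aws-cdk/aws-ec2:restrictDefaultSecurityGroup' flag is off.
            RestrictDefaultSecurityGroup = true,

            // The default is no flow logs; record accepted and rejected
            // traffic to CloudWatch Logs.
            FlowLogs = new Dictionary<string, IFlowLogOptions> {
                { "AllTraffic", new FlowLogOptions {
                    TrafficType = FlowLogTrafficType.ALL,
                    Destination = FlowLogDestination.ToCloudWatchLogs()
                } }
            },

            // Gateway endpoint so the isolated subnets can reach S3
            // without an internet route.
            GatewayEndpoints = new Dictionary<string, IGatewayVpcEndpointOptions> {
                { "S3", new GatewayVpcEndpointOptions {
                    Service = GatewayVpcEndpointAwsService.S3
                } }
            },

            // No PRIVATE_WITH_EGRESS group is defined, so no NAT is needed.
            NatGateways = 0,
            SubnetConfiguration = new [] {
                new SubnetConfiguration { Name = "ingress", SubnetType = SubnetType.PUBLIC, CidrMask = 24 },
                new SubnetConfiguration { Name = "data", SubnetType = SubnetType.PRIVATE_ISOLATED, CidrMask = 24 }
            }
        });
    }
}
```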

SubnetConfiguration

Configure the subnets to build for each AZ.

ISubnetConfiguration[]? SubnetConfiguration { get; }
Property Value

ISubnetConfiguration[]

Remarks

Each entry in this list configures a Subnet Group; each group will contain a subnet for each Availability Zone.

For example, if you want 1 public subnet, 1 private subnet, and 1 isolated subnet in each AZ provide the following:

new Vpc(this, "VPC", new VpcProps {
    SubnetConfiguration = new [] { new SubnetConfiguration {
        CidrMask = 24,
        Name = "ingress",
        SubnetType = SubnetType.PUBLIC
    }, new SubnetConfiguration {
        CidrMask = 24,
        Name = "application",
        SubnetType = SubnetType.PRIVATE_WITH_EGRESS
    }, new SubnetConfiguration {
        CidrMask = 28,
        Name = "rds",
        SubnetType = SubnetType.PRIVATE_ISOLATED
    } }
});

Default: - The VPC CIDR will be evenly divided between 1 public and 1 private subnet per AZ.

VpcName

The VPC name.

string? VpcName { get; }
Property Value

string

Remarks

Since the VPC resource doesn't support providing a physical name, the value provided here will be recorded in the Name tag.

Default: this.node.path

VpnConnections

VPN connections to this VPC.

IDictionary<string, IVpnConnectionOptions>? VpnConnections { get; }
Property Value

IDictionary<string, IVpnConnectionOptions>

Remarks

Default: - No connections.

VpnGateway

Indicates whether a VPN gateway should be created and attached to this VPC.

bool? VpnGateway { get; }
Property Value

bool?

Remarks

Default: - true when vpnGatewayAsn or vpnConnections is specified

VpnGatewayAsn

The private Autonomous System Number (ASN) for the VPN gateway.

double? VpnGatewayAsn { get; }
Property Value

double?

Remarks

Default: - Amazon default ASN.

VpnRoutePropagation

Where to propagate VPN routes.

ISubnetSelection[]? VpnRoutePropagation { get; }
Property Value

ISubnetSelection[]

Remarks

Default: - On the route tables associated with private subnets. If no private subnets exist, isolated subnets are used. If no isolated subnets exist, public subnets are used.
