Class NatInstanceProps
Properties for a NAT instance.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class NatInstanceProps : INatInstanceProps
Syntax (vb)
Public Class NatInstanceProps Implements INatInstanceProps
Remarks
ExampleMetadata: infused
Examples
InstanceType instanceType;

var provider = NatProvider.InstanceV2(new NatInstanceProps {
    InstanceType = instanceType,
    DefaultAllowedTraffic = NatTrafficDirection.OUTBOUND_ONLY
});
new Vpc(this, "TheVPC", new VpcProps {
    NatGatewayProvider = provider
});
provider.Connections.AllowFrom(Peer.Ipv4("1.2.3.4/8"), Port.HTTP);
Synopsis
Constructors
| NatInstanceProps() | Properties for a NAT instance. |
Properties
| AssociatePublicIpAddress | Whether to associate a public IP address to the primary network interface attached to this instance. |
| CreditSpecification | Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc). |
| DefaultAllowedTraffic | Direction to allow all traffic through the NAT instance by default. |
| InstanceType | Instance type of the NAT instance. |
| KeyName | (deprecated) Name of SSH keypair to grant access to instance. |
| KeyPair | The SSH keypair to grant access to the instance. |
| MachineImage | The machine image (AMI) to use. |
| SecurityGroup | (deprecated) Security Group for NAT instances. |
| UserData | Custom user data to run on the NAT instances. |
Constructors
NatInstanceProps()
Properties for a NAT instance.
public NatInstanceProps()
Properties
AssociatePublicIpAddress
Whether to associate a public IP address to the primary network interface attached to this instance.
public bool? AssociatePublicIpAddress { get; set; }
Property Value
bool?
Remarks
Default: undefined - No public IP address associated
CreditSpecification
Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).
public CpuCredits? CreditSpecification { get; set; }
Property Value
Remarks
The unlimited CPU credit option is not supported for T3 instances with dedicated host (host) tenancy.
Default: - T2 instances are standard, while T3, T4g, and T3a instances are unlimited.
DefaultAllowedTraffic
Direction to allow all traffic through the NAT instance by default.
public NatTrafficDirection? DefaultAllowedTraffic { get; set; }
Property Value
Remarks
By default, inbound and outbound traffic is allowed.
If you set this to a value other than INBOUND_AND_OUTBOUND, you must
configure the NAT instance's security groups in another way: either pass
in a fully configured Security Group using the securityGroup property, or
configure it through the .securityGroup or .connections members after
passing the NAT Instance Provider to a Vpc.
Default: NatTrafficDirection.INBOUND_AND_OUTBOUND
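An added example (not part of the CDK documentation) of the second option described above: with OUTBOUND_ONLY, inbound rules are added through Connections after the provider has been passed to the Vpc, here limited to HTTPS from the private subnets. The stack name `NatEgressStack`, the construct IDs and the choice of port 443 are assumptions for illustration.

```csharp
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Constructs;

// Hypothetical stack name; the NAT instance only accepts traffic it is meant to forward.
public class NatEgressStack : Stack
{
    public NatEgressStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        var provider = NatProvider.InstanceV2(new NatInstanceProps {
            InstanceType = InstanceType.Of(InstanceClass.T3, InstanceSize.MICRO),
            // Egress from the NAT instance stays open; no inbound rule is
            // created by default, so inbound must be granted explicitly below.
            DefaultAllowedTraffic = NatTrafficDirection.OUTBOUND_ONLY
            // KeyPair is left unset: per the property default, no SSH access is possible.
        });

        // Connections is only usable after the provider has been passed to a Vpc.
        var vpc = new Vpc(this, "Vpc", new VpcProps {
            NatGatewayProvider = provider
        });

        // Allow inbound HTTPS only from the subnets that route through the NAT
        // instance, instead of a broad or external CIDR range.
        foreach (var subnet in vpc.PrivateSubnets)
        {
            provider.Connections.AllowFrom(
                Peer.Ipv4(subnet.Ipv4CidrBlock),
                Port.Tcp(443),
                "HTTPS from private subnet via NAT instance");
        }
    }
}
```

Workloads in the private subnets that need other outbound ports require a matching inbound rule on the NAT instance; anything not listed is dropped at its security group.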
InstanceType
Instance type of the NAT instance.
public InstanceType InstanceType { get; set; }
Property Value
Remarks
ExampleMetadata: infused
KeyName
(deprecated) Name of SSH keypair to grant access to instance.
[Obsolete("- Use `keyPair` instead - https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2-readme.html#using-an-existing-ec2-key-pair")]
public string? KeyName { get; set; }
Property Value
Remarks
Default: - No SSH access will be possible.
Stability: Deprecated
KeyPair
The SSH keypair to grant access to the instance.
public IKeyPair? KeyPair { get; set; }
Property Value
Remarks
Default: - No SSH access will be possible.
MachineImage
The machine image (AMI) to use.
public IMachineImage? MachineImage { get; set; }
Property Value
Remarks
By default, will do an AMI lookup for the latest NAT instance image.
If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:
NatProvider.Instance(new NatInstanceProps {
    InstanceType = new InstanceType("t3.micro"),
    MachineImage = new GenericLinuxImage(new Dictionary<string, string> {
        { "us-east-2", "ami-0f9c61b5a562a16af" }
    })
});
Default: - Latest NAT instance image
SecurityGroup
(deprecated) Security Group for NAT instances.
[Obsolete("- Cannot create a new security group before the VPC is created, and cannot create the VPC without the NAT provider. Set {@link defaultAllowedTraffic } to {@link NatTrafficDirection.NONE } and use {@link NatInstanceProviderV2.gatewayInstances } to retrieve the instances on the fly and add security groups")]
public ISecurityGroup? SecurityGroup { get; set; }
Property Value
Remarks
Default: - A new security group will be created
Stability: Deprecated
Examples
// No security group rules are created by default.
var natGatewayProvider = NatProvider.InstanceV2(new NatInstanceProps {
    InstanceType = new InstanceType("t3.small"),
    DefaultAllowedTraffic = NatTrafficDirection.NONE
});
var vpc = new Vpc(this, "Vpc", new VpcProps { NatGatewayProvider = natGatewayProvider });

// Security group that permits outbound HTTPS only.
var securityGroup = new SecurityGroup(this, "SecurityGroup", new SecurityGroupProps {
    Vpc = vpc,
    AllowAllOutbound = false
});
securityGroup.AddEgressRule(Peer.AnyIpv4(), Port.Tcp(443));

// Attach the security group to each NAT instance created for the VPC.
foreach (var gatewayInstance in natGatewayProvider.GatewayInstances)
{
    gatewayInstance.AddSecurityGroup(securityGroup);
}
UserData
Custom user data to run on the NAT instances.
public UserData? UserData { get; set; }
Property Value
Remarks
Default: UserData.forLinux().addCommands(...NatInstanceProviderV2.DEFAULT_USER_DATA_COMMANDS); - Appropriate user data commands to initialize and configure the NAT instances
See: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#create-nat-ami