Interface InterfaceVpcEndpointOptions

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Subinterfaces:
InterfaceVpcEndpointProps
All Known Implementing Classes:
InterfaceVpcEndpointOptions.Jsii$Proxy, InterfaceVpcEndpointProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.104.0 (build e79254c)", date="2024-11-27T16:50:56.649Z") @Stability(Stable) public interface InterfaceVpcEndpointOptions extends software.amazon.jsii.JsiiSerializable
Options to add an interface endpoint to a VPC.

Example:

 // Add gateway endpoints when creating the VPC
 Vpc vpc = Vpc.Builder.create(this, "MyVpc")
         .gatewayEndpoints(Map.of(
                 "S3", GatewayVpcEndpointOptions.builder()
                         .service(GatewayVpcEndpointAwsService.S3)
                         .build()))
         .build();
 // Alternatively, gateway endpoints can be added on the VPC
 GatewayVpcEndpoint dynamoDbEndpoint = vpc.addGatewayEndpoint("DynamoDbEndpoint", GatewayVpcEndpointOptions.builder()
         .service(GatewayVpcEndpointAwsService.DYNAMODB)
         .build());
 // This allows customizing the endpoint policy
 dynamoDbEndpoint.addToPolicy(PolicyStatement.Builder.create() // Restrict to listing and describing tables
         .principals(List.of(new AnyPrincipal()))
         .actions(List.of("dynamodb:DescribeTable", "dynamodb:ListTables"))
         .resources(List.of("*"))
         .build());
 // Add an interface endpoint
 vpc.addInterfaceEndpoint("EcrDockerEndpoint", InterfaceVpcEndpointOptions.builder()
         .service(InterfaceVpcEndpointAwsService.ECR_DOCKER)
         .build());
 
  • Method Details

    • getService

      @Stability(Stable) @NotNull IInterfaceVpcEndpointService getService()
      The service to use for this interface VPC endpoint.
    • getLookupSupportedAzs

      @Stability(Stable) @Nullable default Boolean getLookupSupportedAzs()
      Limit to only those availability zones where the endpoint service can be created.

      Setting this to 'true' requires a lookup to be performed at synthesis time. Account and region must be set on the containing stack for this to work.

      Default: false

    • getOpen

      @Stability(Stable) @Nullable default Boolean getOpen()
      Whether to automatically allow VPC traffic to the endpoint.

      If enabled, all traffic to the endpoint from within the VPC will be automatically allowed. This is done based on the VPC's CIDR range.

      Default: true

    • getPrivateDnsEnabled

      @Stability(Stable) @Nullable default Boolean getPrivateDnsEnabled()
      Whether to associate a private hosted zone with the specified VPC.

      This allows you to make requests to the service using its default DNS hostname.

      Default: set by the instance of IInterfaceVpcEndpointService, or true if not defined by the instance of IInterfaceVpcEndpointService

    • getSecurityGroups

      @Stability(Stable) @Nullable default List<ISecurityGroup> getSecurityGroups()
      The security groups to associate with this interface VPC endpoint.

      Default: - a new security group is created

    • getSubnets

      @Stability(Stable) @Nullable default SubnetSelection getSubnets()
      The subnets in which to create an endpoint network interface.

      At most one per availability zone.

      Default: - private subnets

    • builder

      @Stability(Stable) static InterfaceVpcEndpointOptions.Builder builder()
      Returns:
      an InterfaceVpcEndpointOptions.Builder of InterfaceVpcEndpointOptions
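
The getOpen and getSecurityGroups options above decide who inside the VPC can reach the endpoint. The following is an added example, not part of the generated documentation: it turns off the automatic VPC-wide rule and admits a single workload security group instead. The stack class name, the construct ids and the appSg group are hypothetical.

```java
import java.util.List;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.services.ec2.InterfaceVpcEndpoint;
import software.amazon.awscdk.services.ec2.InterfaceVpcEndpointAwsService;
import software.amazon.awscdk.services.ec2.InterfaceVpcEndpointOptions;
import software.amazon.awscdk.services.ec2.SecurityGroup;
import software.amazon.awscdk.services.ec2.SubnetSelection;
import software.amazon.awscdk.services.ec2.SubnetType;
import software.amazon.awscdk.services.ec2.Vpc;
import software.constructs.Construct;

// Hypothetical stack used only for this illustration.
public class RestrictedEndpointStack extends Stack {
    public RestrictedEndpointStack(final Construct scope, final String id, final StackProps props) {
        super(scope, id, props);

        Vpc vpc = Vpc.Builder.create(this, "MyVpc").build();

        // Hypothetical group attached to the workloads that pull images.
        SecurityGroup appSg = SecurityGroup.Builder.create(this, "AppSg")
                .vpc(vpc)
                .build();

        // Dedicated group for the endpoint network interfaces, replacing
        // the one that would otherwise be created by default.
        SecurityGroup endpointSg = SecurityGroup.Builder.create(this, "EcrEndpointSg")
                .vpc(vpc)
                .allowAllOutbound(false)
                .build();

        InterfaceVpcEndpoint endpoint = vpc.addInterfaceEndpoint("EcrDockerEndpoint",
                InterfaceVpcEndpointOptions.builder()
                        .service(InterfaceVpcEndpointAwsService.ECR_DOCKER)
                        .open(false) // do not allow the whole VPC CIDR range
                        .securityGroups(List.of(endpointSg))
                        .subnets(SubnetSelection.builder()
                                .subnetType(SubnetType.PRIVATE_WITH_EGRESS)
                                .build())
                        .privateDnsEnabled(true) // keep the service's default hostname
                        .build());

        // Only members of appSg may reach the endpoint on its default port.
        endpoint.getConnections().allowDefaultPortFrom(appSg);
    }
}
```

With open left at its default of true, the last call would be redundant, because every address in the VPC's CIDR range is already allowed.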