Package software.amazon.awscdk.services.ec2

Class NatInstanceProviderV2.Builder

java.lang.Object

software.amazon.awscdk.services.ec2.NatInstanceProviderV2.Builder

All Implemented Interfaces:

software.amazon.jsii.Builder<NatInstanceProviderV2>

Enclosing class:

NatInstanceProviderV2

@Stability(Stable)
public static final class NatInstanceProviderV2.Builder
extends Object
implements software.amazon.jsii.Builder<NatInstanceProviderV2>

A fluent builder for NatInstanceProviderV2.

Method Summary

Modifier and Type	Method	Description
NatInstanceProviderV2.Builder	associatePublicIpAddress(Boolean associatePublicIpAddress)	Whether to associate a public IP address to the primary network interface attached to this instance.
NatInstanceProviderV2	build()
static NatInstanceProviderV2.Builder	create()
NatInstanceProviderV2.Builder	creditSpecification(CpuCredits creditSpecification)	Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).
NatInstanceProviderV2.Builder	defaultAllowedTraffic(NatTrafficDirection defaultAllowedTraffic)	Direction to allow all traffic through the NAT instance by default.
NatInstanceProviderV2.Builder	instanceType(InstanceType instanceType)	Instance type of the NAT instance.
NatInstanceProviderV2.Builder	keyName(String keyName)	Deprecated. Use keyPair instead - https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2-readme.html#using-an-existing-ec2-key-pair
NatInstanceProviderV2.Builder	keyPair(IKeyPair keyPair)	The SSH keypair to grant access to the instance.
NatInstanceProviderV2.Builder	machineImage(IMachineImage machineImage)	The machine image (AMI) to use.
NatInstanceProviderV2.Builder	securityGroup(ISecurityGroup securityGroup)	Deprecated. - Cannot create a new security group before the VPC is created, and cannot create the VPC without the NAT provider.
NatInstanceProviderV2.Builder	userData(UserData userData)	Custom user data to run on the NAT instances.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

create

@Stability(Stable)
public static NatInstanceProviderV2.Builder create()

Returns:

a new instance of NatInstanceProviderV2.Builder.

instanceType

@Stability(Stable)
public NatInstanceProviderV2.Builder instanceType(InstanceType instanceType)

Instance type of the NAT instance.

Parameters:

instanceType - Instance type of the NAT instance. This parameter is required.

Returns:

this

associatePublicIpAddress

@Stability(Stable)
public NatInstanceProviderV2.Builder associatePublicIpAddress(Boolean associatePublicIpAddress)

Whether to associate a public IP address to the primary network interface attached to this instance.

Default: undefined - No public IP address associated

Parameters:

associatePublicIpAddress - Whether to associate a public IP address to the primary network interface attached to this instance. This parameter is required.

Returns:

this

creditSpecification

@Stability(Stable)
public NatInstanceProviderV2.Builder creditSpecification(CpuCredits creditSpecification)

Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).

The unlimited CPU credit option is not supported for T3 instances with dedicated host (host) tenancy.

Default: - T2 instances are standard, while T3, T4g, and T3a instances are unlimited.

Parameters:

creditSpecification - Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc). This parameter is required.

Returns:

this

defaultAllowedTraffic

@Stability(Stable)
public NatInstanceProviderV2.Builder defaultAllowedTraffic(NatTrafficDirection defaultAllowedTraffic)

Direction to allow all traffic through the NAT instance by default.

By default, inbound and outbound traffic is allowed.

If you set this to another value than INBOUND_AND_OUTBOUND, you must configure the NAT instance's security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc.

Default: NatTrafficDirection.INBOUND_AND_OUTBOUND

Parameters:

defaultAllowedTraffic - Direction to allow all traffic through the NAT instance by default. This parameter is required.

Returns:

this

keyName

@Stability(Deprecated)
@Deprecated
public NatInstanceProviderV2.Builder keyName(String keyName)

Deprecated.

• Use keyPair instead - https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2-readme.html#using-an-existing-ec2-key-pair

(deprecated) Name of SSH keypair to grant access to instance.

Default: - No SSH access will be possible.

Parameters:

keyName - Name of SSH keypair to grant access to instance. This parameter is required.

Returns:

this

keyPair

@Stability(Stable)
public NatInstanceProviderV2.Builder keyPair(IKeyPair keyPair)

The SSH keypair to grant access to the instance.

Default: - No SSH access will be possible.

Parameters:

keyPair - The SSH keypair to grant access to the instance. This parameter is required.

Returns:

this

machineImage

@Stability(Stable)
public NatInstanceProviderV2.Builder machineImage(IMachineImage machineImage)

The machine image (AMI) to use.

By default, will do an AMI lookup for the latest NAT instance image.

If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:

 NatProvider.instance(NatInstanceProps.builder()
         .instanceType(new InstanceType("t3.micro"))
         .machineImage(new GenericLinuxImage(Map.of(
                 "us-east-2", "ami-0f9c61b5a562a16af")))
         .build());
 

Default: - Latest NAT instance image

Parameters:

machineImage - The machine image (AMI) to use. This parameter is required.

Returns:

this

securityGroup

@Stability(Deprecated)
@Deprecated
public NatInstanceProviderV2.Builder securityGroup(ISecurityGroup securityGroup)

Deprecated.

- Cannot create a new security group before the VPC is created, and cannot create the VPC without the NAT provider. Set defaultAllowedTraffic(software.amazon.awscdk.services.ec2.NatTrafficDirection) to

invalid @link

NatTrafficDirection.NONE

and use

invalid @link

NatInstanceProviderV2.gatewayInstances

to retrieve the instances on the fly and add security groups

(deprecated) Security Group for NAT instances.

Default: - A new security group will be created

Example:

 NatInstanceProviderV2 natGatewayProvider = NatProvider.instanceV2(NatInstanceProps.builder()
         .instanceType(new InstanceType("t3.small"))
         .defaultAllowedTraffic(NatTrafficDirection.NONE)
         .build());
 Vpc vpc = Vpc.Builder.create(this, "Vpc").natGatewayProvider(natGatewayProvider).build();
 SecurityGroup securityGroup = SecurityGroup.Builder.create(this, "SecurityGroup")
         .vpc(vpc)
         .allowAllOutbound(false)
         .build();
 securityGroup.addEgressRule(Peer.anyIpv4(), Port.tcp(443));
 for (Object gatewayInstance : natGatewayProvider.getGatewayInstances()) {
     gatewayInstance.addSecurityGroup(securityGroup);
 }
 

Parameters:

securityGroup - Security Group for NAT instances. This parameter is required.

Returns:

this

userData

@Stability(Stable)
public NatInstanceProviderV2.Builder userData(UserData userData)

Custom user data to run on the NAT instances.

Default: UserData.forLinux().addCommands(...NatInstanceProviderV2.DEFAULT_USER_DATA_COMMANDS); - Appropriate user data commands to initialize and configure the NAT instances

Parameters:

userData - Custom user data to run on the NAT instances. This parameter is required.

Returns:

this

See Also:

• https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#create-nat-ami

build

@Stability(Stable)
public NatInstanceProviderV2 build()

Specified by:

build in interface software.amazon.jsii.Builder<NatInstanceProviderV2>

Returns:

a newly built instance of NatInstanceProviderV2.