aws_cdk.aws_ec2
Either an IPv4 or an IPv6 CIDR. |
|
The traffic that is configured using a Network ACL entry. |
|
What action to apply to traffic matching the ACL. |
|
The IP address type. |
|
A SSM Parameter that contains the AMI ID for Amazon Linux 2023. |
|
Amazon Linux 2022 kernel versions. |
|
A SSM Parameter that contains the AMI ID for Amazon Linux 2023. |
|
Amazon Linux 2023 kernel versions. |
|
A SSM Parameter that contains the AMI ID for Amazon Linux 2. |
|
Amazon Linux 2 kernel versions. |
|
CPU type. |
|
Amazon Linux edition. |
|
What generation of Amazon Linux to use. |
|
Selects the latest version of Amazon Linux. |
|
Amazon Linux Kernel. |
|
Available storage options for Amazon Linux images Only applies to Amazon Linux & Amazon Linux 2. |
|
Virtualization type for Amazon Linux. |
|
This creates a linux bastion host you can use to connect to other instances or services in your VPC. |
|
Describes a block device mapping for an EC2 instance or Auto Scaling group. |
|
Creates a new Capacity Reservation with the specified attributes. |
|
Creates a new Capacity Reservation Fleet with the specified attributes. |
|
Creates a carrier gateway. |
|
Specifies an ingress authorization rule to add to a Client VPN endpoint. |
|
Specifies a Client VPN endpoint. |
|
Specifies a network route to add to a Client VPN endpoint. |
|
Specifies a target network to associate with a Client VPN endpoint. |
|
Specifies a customer gateway. |
|
Specifies a set of DHCP options for your VPC. |
|
Specifies the configuration information to launch a fleet–or group–of instances. |
|
Specifies an Elastic IP (EIP) address and can, optionally, associate it with an Amazon EC2 instance. |
|
Associates an Elastic IP address with an instance or a network interface. |
|
[IPv6 only] Specifies an egress-only internet gateway for your VPC. |
|
Associates an AWS Identity and Access Management (IAM) role with an Certificate Manager (ACM) certificate. |
|
Specifies a VPC flow log that captures IP traffic for a specified network interface, subnet, or VPC. |
|
Associates a virtual private gateway or internet gateway with a route table. |
|
Allocates a fully dedicated physical server for launching EC2 instances. |
|
IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts throughout your AWS Organization. |
|
In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. |
|
In IPAM, a pool is a collection of contiguous IP addresses CIDRs. |
|
A CIDR provisioned to an IPAM pool. |
|
A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account. |
|
An IPAM resource discovery association. |
|
In IPAM, a scope is the highest-level container within IPAM. |
|
Specifies an EC2 instance. |
|
Creates an EC2 Instance Connect Endpoint. |
|
Allocates an internet gateway for use with a VPC. |
|
A route server association is the connection established between a route server and a VPC. |
|
Specifies a key pair for use with an Amazon Elastic Compute Cloud instance as follows:. |
|
Specifies the properties for creating a launch template. |
|
Creates a static route for the specified local gateway route table. You must specify one of the following targets:. |
|
Describes a local gateway route table. |
|
Associates the specified VPC with the specified local gateway route table. |
|
Describes an association between a local gateway route table and a virtual interface group. |
|
CfnLocalGatewayRouteTableVirtualInterfaceGroupAssociationProps |
|
Specifies a network address translation (NAT) gateway in the specified subnet. |
|
Specifies a network ACL for your VPC. |
|
Specifies an entry, known as a rule, in a network ACL with a rule number you specify. |
|
Describes a Network Access Scope. |
|
Describes a Network Access Scope analysis. |
|
Specifies a network insights analysis. |
|
Specifies a path to analyze for reachability. |
|
Describes a network interface in an Amazon EC2 instance for AWS CloudFormation . |
|
Attaches an elastic network interface (ENI) to an Amazon EC2 instance. |
|
Specifies a permission for the network interface, For example, you can grant an AWS -authorized account permission to attach the network interface to an instance in their account. |
|
Describes Infrastructure Performance subscriptions. |
|
Specifies a placement group in which to launch instances. |
|
Specifies a managed prefix list. |
|
Specifies a route in a route table. For more information, see Routes in the Amazon VPC User Guide . |
|
Specifies a route server to manage dynamic routing in a VPC. |
|
Specifies the association between a route server and a VPC. |
|
Creates a new endpoint for a route server in a specified subnet. |
|
Specifies a BGP peer configuration for a route server endpoint. |
|
Specifies route propagation from a route server to a route table. |
|
Specifies a route table for the specified VPC. |
|
Specifies a security group. |
|
Adds the specified outbound (egress) rule to a security group. |
|
Adds an inbound (ingress) rule to a security group. |
|
A security group association with a VPC. |
|
Specifies the state of the block public access for snapshots setting for the Region. |
|
Specifies a Spot Fleet request. |
|
Specifies a subnet for the specified VPC. |
|
Associates a CIDR block with your subnet. |
|
Associates a subnet with a network ACL. For more information, see ReplaceNetworkAclAssociation in the Amazon EC2 API Reference . |
|
Associates a subnet with a route table. |
|
Specifies a Traffic Mirror filter. |
|
Creates a Traffic Mirror filter rule. |
|
Creates a Traffic Mirror session. |
|
Specifies a target for your Traffic Mirror session. |
|
Specifies a transit gateway. |
|
Attaches a VPC to a transit gateway. |
|
Creates a Connect attachment from a specified transit gateway attachment. |
|
Describes a transit gateway Connect peer. |
|
Creates a multicast domain using the specified transit gateway. |
|
Associates the specified subnets and transit gateway attachments with the specified transit gateway multicast domain. |
|
Registers members (network interfaces) with the transit gateway multicast group. |
|
Registers sources (network interfaces) with the specified transit gateway multicast domain. |
|
Requests a transit gateway peering attachment between the specified transit gateway (requester) and a peer transit gateway (accepter). |
|
Specifies a static route for a transit gateway route table. |
|
Specifies a route table for a transit gateway. |
|
Associates the specified attachment with the specified transit gateway route table. |
|
Enables the specified attachment to propagate routes to the specified propagation route table. |
|
Specifies a VPC attachment. |
|
Specifies a virtual private cloud (VPC). |
|
Create a VPC Block Public Access (BPA) exclusion. |
|
VPC Block Public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. |
|
Associates a CIDR block with your VPC. |
|
Associates a set of DHCP options with a VPC, or associates no DHCP options with the VPC. |
|
Specifies a VPC endpoint. |
|
Specifies a connection notification for a VPC endpoint or VPC endpoint service. |
|
Creates a VPC endpoint service configuration to which service consumers ( AWS accounts, users, and IAM roles) can connect. |
|
Grant or revoke permissions for service consumers (users, IAM roles, and AWS accounts) to connect to a VPC endpoint service. |
|
Attaches an internet gateway, or a virtual private gateway to a VPC, enabling connectivity between the internet and the VPC. |
|
Requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection. |
|
Specifies a VPN connection between a virtual private gateway and a VPN customer gateway or a transit gateway and a VPN customer gateway. |
|
Specifies a static route for a VPN connection between an existing virtual private gateway and a VPN customer gateway. |
|
Specifies a virtual private gateway. |
|
Enables a virtual private gateway (VGW) to propagate routes to the specified route table of a VPC. |
|
An AWS Verified Access endpoint specifies the application that AWS Verified Access provides access to. |
|
An AWS Verified Access group is a collection of AWS Verified Access endpoints who’s associated applications have similar security requirements. |
|
An AWS Verified Access instance is a regional entity that evaluates application requests and grants access only when your security requirements are met. |
|
A trust provider is a third-party entity that creates, maintains, and manages identity information for users and devices. |
|
Specifies an Amazon Elastic Block Store (Amazon EBS) volume. |
|
Attaches an Amazon EBS volume to a running instance and exposes it to the instance with the specified device name. |
|
A client VPN authorization rule. |
|
A client VPN connection. |
|
A client VPN route. |
|
Target for a client VPN route. |
|
Maximum VPN session duration time. |
|
User-based authentication for a client VPN endpoint. |
|
A CloudFormation-init configuration. |
|
Manage the allowed network connections for constructs with Security Groups. |
|
Provides the options for specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc). |
|
The default tenancy of instances launched into the VPC. |
|
Supported EBS volume types for blockDevices. |
|
A VPC flow log. |
|
The destination type for the flow log. |
|
The available destination types for Flow Logs. |
|
The file format for flow logs written to an S3 bucket destination. |
|
The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. |
|
The type of resource to create the flow log for. |
|
The type of VPC traffic to log. |
|
A gateway VPC endpoint. |
|
An AWS service for a gateway VPC endpoint. |
|
Construct a Linux machine image from an AMI map. |
|
Select the image based on a given SSM parameter at deployment time of the CloudFormation Stack. |
|
Construct a Windows machine image from an AMI map. |
|
(experimental) Indicates that this resource can be referenced as a CapacityReservationFleet. |
|
(experimental) Indicates that this resource can be referenced as a CapacityReservation. |
|
(experimental) Indicates that this resource can be referenced as a CarrierGateway. |
|
(experimental) Indicates that this resource can be referenced as a ClientVpnAuthorizationRule. |
|
A connection handler for client VPN endpoints. |
|
A client VPN endpoint. |
|
(experimental) Indicates that this resource can be referenced as a ClientVpnEndpoint. |
|
(experimental) Indicates that this resource can be referenced as a ClientVpnRoute. |
|
(experimental) Indicates that this resource can be referenced as a ClientVpnTargetNetworkAssociation. |
|
An object that has a Connections object. |
|
(experimental) Indicates that this resource can be referenced as a CustomerGateway. |
|
(experimental) Indicates that this resource can be referenced as a DHCPOptions. |
|
(experimental) Indicates that this resource can be referenced as a EC2Fleet. |
|
(experimental) Indicates that this resource can be referenced as a EIPAssociation. |
|
(experimental) Indicates that this resource can be referenced as a EIP. |
|
(experimental) Indicates that this resource can be referenced as a EgressOnlyInternetGateway. |
|
(experimental) Indicates that this resource can be referenced as a EnclaveCertificateIamRoleAssociation. |
|
A FlowLog. |
|
(experimental) Indicates that this resource can be referenced as a FlowLog. |
|
(experimental) Indicates that this resource can be referenced as a GatewayRouteTableAssociation. |
|
A gateway VPC endpoint. |
|
A service for a gateway VPC endpoint. |
|
(experimental) Indicates that this resource can be referenced as a Host. |
|
(experimental) Indicates that this resource can be referenced as a IPAMAllocation. |
|
(experimental) Indicates that this resource can be referenced as a IPAMPoolCidr. |
|
(experimental) Indicates that this resource can be referenced as a IPAMPool. |
|
(experimental) Indicates that this resource can be referenced as a IPAM. |
|
(experimental) Indicates that this resource can be referenced as a IPAMResourceDiscoveryAssociation. |
|
(experimental) Indicates that this resource can be referenced as a IPAMResourceDiscovery. |
|
(experimental) Indicates that this resource can be referenced as a IPAMScope. |
|
(experimental) Indicates that this resource can be referenced as a InstanceConnectEndpoint. |
|
(experimental) Indicates that this resource can be referenced as a Instance. |
|
An interface VPC endpoint. |
|
A service for an interface VPC endpoint. |
|
(experimental) Indicates that this resource can be referenced as a InternetGateway. |
|
Implementations for ip address management. |
|
(experimental) Indicates that this resource can be referenced as a IpPoolRouteTableAssociation. |
|
Implementations for IPv6 address management. |
|
An EC2 Key Pair. |
|
(experimental) Indicates that this resource can be referenced as a KeyPair. |
|
Interface for LaunchTemplate-like objects. |
|
(experimental) Indicates that this resource can be referenced as a LaunchTemplate. |
|
(experimental) Indicates that this resource can be referenced as a LocalGatewayRoute. |
|
(experimental) Indicates that this resource can be referenced as a LocalGatewayRouteTable. |
|
(experimental) Indicates that this resource can be referenced as a LocalGatewayRouteTableVPCAssociation. |
|
(experimental) Indicates that this resource can be referenced as a LocalGatewayRouteTableVirtualInterfaceGroupAssociation. |
|
Interface for classes that can select an appropriate machine image to use. |
|
(experimental) Indicates that this resource can be referenced as a NatGateway. |
|
A NetworkAcl. |
|
A NetworkAclEntry. |
|
(experimental) Indicates that this resource can be referenced as a NetworkAclEntry. |
|
(experimental) Indicates that this resource can be referenced as a NetworkAcl. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInsightsAccessScopeAnalysis. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInsightsAccessScope. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInsightsAnalysis. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInsightsPath. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInterfaceAttachment. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInterfacePermission. |
|
(experimental) Indicates that this resource can be referenced as a NetworkInterface. |
|
(experimental) Indicates that this resource can be referenced as a NetworkPerformanceMetricSubscription. |
|
Interface for classes that provide the peer-specification parts of a security group rule. |
|
Determines where your instances are placed on the underlying hardware according to the specified PlacementGroupStrategy. |
|
(experimental) Indicates that this resource can be referenced as a PlacementGroup. |
|
A prefix list. |
|
(experimental) Indicates that this resource can be referenced as a PrefixList. |
|
(experimental) Indicates that this resource can be referenced as a Route. |
|
(experimental) Indicates that this resource can be referenced as a RouteServerAssociation. |
|
(experimental) Indicates that this resource can be referenced as a RouteServerEndpoint. |
|
(experimental) Indicates that this resource can be referenced as a RouteServerPeer. |
|
(experimental) Indicates that this resource can be referenced as a RouteServerPropagation. |
|
(experimental) Indicates that this resource can be referenced as a RouteServer. |
|
An abstract route table. |
|
(experimental) Indicates that this resource can be referenced as a RouteTable. |
|
Interface for security group-like objects. |
|
(experimental) Indicates that this resource can be referenced as a SecurityGroupEgress. |
|
(experimental) Indicates that this resource can be referenced as a SecurityGroupIngress. |
|
(experimental) Indicates that this resource can be referenced as a SecurityGroup. |
|
(experimental) Indicates that this resource can be referenced as a SecurityGroupVpcAssociation. |
|
(experimental) Indicates that this resource can be referenced as a SnapshotBlockPublicAccess. |
|
(experimental) Indicates that this resource can be referenced as a SpotFleet. |
|
(experimental) Indicates that this resource can be referenced as a SubnetCidrBlock. |
|
A SubnetNetworkAclAssociation. |
|
(experimental) Indicates that this resource can be referenced as a SubnetNetworkAclAssociation. |
|
(experimental) Indicates that this resource can be referenced as a Subnet. |
|
(experimental) Indicates that this resource can be referenced as a SubnetRouteTableAssociation. |
|
(experimental) Indicates that this resource can be referenced as a TrafficMirrorFilter. |
|
(experimental) Indicates that this resource can be referenced as a TrafficMirrorFilterRule. |
|
(experimental) Indicates that this resource can be referenced as a TrafficMirrorSession. |
|
(experimental) Indicates that this resource can be referenced as a TrafficMirrorTarget. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayAttachment. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayConnectPeer. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayConnect. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayMulticastDomainAssociation. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayMulticastDomain. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayMulticastGroupMember. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayMulticastGroupSource. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayPeeringAttachment. |
|
(experimental) Indicates that this resource can be referenced as a TransitGateway. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayRoute. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayRouteTableAssociation. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayRouteTablePropagation. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayRouteTable. |
|
(experimental) Indicates that this resource can be referenced as a TransitGatewayVpcAttachment. |
|
(experimental) Indicates that this resource can be referenced as a VPCBlockPublicAccessExclusion. |
|
(experimental) Indicates that this resource can be referenced as a VPCBlockPublicAccessOptions. |
|
(experimental) Indicates that this resource can be referenced as a VPCCidrBlock. |
|
(experimental) Indicates that this resource can be referenced as a VPCDHCPOptionsAssociation. |
|
(experimental) Indicates that this resource can be referenced as a VPCEndpointConnectionNotification. |
|
(experimental) Indicates that this resource can be referenced as a VPCEndpoint. |
|
(experimental) Indicates that this resource can be referenced as a VPCEndpointServicePermissions. |
|
(experimental) Indicates that this resource can be referenced as a VPCEndpointService. |
|
(experimental) Indicates that this resource can be referenced as a VPCGatewayAttachment. |
|
(experimental) Indicates that this resource can be referenced as a VPCPeeringConnection. |
|
(experimental) Indicates that this resource can be referenced as a VPC. |
|
(experimental) Indicates that this resource can be referenced as a VPNConnection. |
|
(experimental) Indicates that this resource can be referenced as a VPNConnectionRoute. |
|
(experimental) Indicates that this resource can be referenced as a VPNGateway. |
|
(experimental) Indicates that this resource can be referenced as a VPNGatewayRoutePropagation. |
|
(experimental) Indicates that this resource can be referenced as a VerifiedAccessEndpoint. |
|
(experimental) Indicates that this resource can be referenced as a VerifiedAccessGroup. |
|
(experimental) Indicates that this resource can be referenced as a VerifiedAccessInstance. |
|
(experimental) Indicates that this resource can be referenced as a VerifiedAccessTrustProvider. |
|
An EBS Volume in AWS EC2. |
|
(experimental) Indicates that this resource can be referenced as a VolumeAttachment. |
|
(experimental) Indicates that this resource can be referenced as a Volume. |
|
A VPC endpoint. |
|
A VPC endpoint service. |
|
A load balancer that can host a VPC Endpoint Service. |
|
The virtual private gateway interface. |
|
Command to execute on the instance. |
|
Represents a duration to wait after a command has finished, in case of a reboot (Windows only). |
|
A collection of configuration elements. |
|
Base class for all CloudFormation Init elements. |
|
Create files on the EC2 instance. |
|
Create Linux/UNIX groups and assign group IDs. |
|
A package to be installed during cfn-init time. |
|
A services that be enabled, disabled or restarted when the instance is launched. |
|
An object that represents reasons to restart an InitService. |
|
Extract an archive into a directory. |
|
Create Linux/UNIX users and to assign user IDs. |
|
This represents a single EC2 instance. |
|
Identifies an instance’s CPU architecture. |
|
What class and generation of instance to use. |
|
Provides the options for specifying the instance initiated shutdown behavior. |
|
Aspect that applies IMDS configuration on EC2 Instance constructs. |
|
What size of instance to use. |
|
Instance type for EC2 instances. |
|
A interface VPC endpoint. |
|
An AWS service for an interface VPC endpoint. |
|
A custom-hosted service for an interface VPC endpoint. |
|
IP address types supported for VPC endpoint service. |
|
An abstract Provider of IpAddresses. |
|
The types of IP addresses provisioned in the VPC. |
|
An abstract Provider of Ipv6Addresses. |
|
An EC2 Key Pair. |
|
The format of the Key Pair. |
|
The type of the key pair. |
|
This represents an EC2 LaunchTemplate. |
|
The state of token usage for your instance metadata requests. |
|
Aspect that applies IMDS configuration on EC2 Launch Template constructs. |
|
A class that provides convenient access to special version tokens for LaunchTemplate versions. |
|
LocalGatewayRouteTableVirtualInterfaceGroupAssociationReference |
|
The following table describes all of the available fields for a flow log record. |
|
A machine image whose AMI ID will be searched using DescribeImages. |
|
Factory functions for standard Amazon Machine Image objects. |
|
The base class for all classes which can be used as |
|
Mime multipart user data. |
|
Provider for NAT Gateways. |
|
Machine image representing the latest NAT instance image. |
|
(deprecated) NAT provider which uses NAT Instances. |
|
Modern NAT provider which uses NAT Instances. |
|
NAT providers. |
|
Direction of traffic to allow all by default. |
|
Define a new custom network ACL. |
|
Define an entry in a Network ACL table. |
|
The OS type of a particular image. |
|
Peer object factories (to be used in Security Group management). |
|
Defines a placement group. |
|
Determines how this placement group spreads instances. |
|
Which strategy to use when launching instances. |
|
Interface for classes that provide the connection-specification parts of a security group rule. |
|
A managed prefix list. |
|
Represents a private VPC subnet resource. |
|
Protocol for use in Connection Rules. |
|
Represents a public VPC subnet resource. |
|
Select the image based on a given SSM parameter at instance launch time. |
|
Type of router used in route. |
|
Creates an Amazon EC2 security group within a VPC. |
|
The service manager that will be used by InitServices. |
|
Provides the options for the types of interruption for spot instances. |
|
The Spot Instance request type. |
|
Represents a new VPC subnet resource. |
|
Contains logic which chooses a set of subnets from a larger list, in conjunction with SubnetSelection, to determine where to place AWS resources such as VPC endpoints, EC2 instances, etc. |
|
The type of Subnet. |
|
Direction of traffic the AclEntry applies to. |
|
Transport protocol for client VPN. |
|
Instance User Data. |
|
Creates a new EBS Volume in AWS EC2. |
|
Define an AWS Virtual Private Cloud. |
|
Enums for all Dns Record IP Address types. |
|
IP address type for the endpoint. |
|
Indicates whether to enable private DNS only for inbound endpoints. |
|
A VPC endpoint service. |
|
The type of VPC endpoint. |
|
Define a VPN Connection. |
|
Base class for Vpn connections. |
|
The VPN connection type. |
|
The VPN Gateway that shall be added to the VPC. |
|
Port for client VPN. |
|
Select the latest version of the indicated Windows version. |
|
The Windows version to use for the WindowsImage. |