PublicSubnet

class aws_cdk.aws_ec2.PublicSubnet(scope, id, *, availability_zone, cidr_block, vpc_id, assign_ipv6_address_on_creation=None, ipv6_cidr_block=None, map_public_ip_on_launch=None)

Bases: Subnet

Represents a public VPC subnet resource.

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_ec2 as ec2

public_subnet = ec2.PublicSubnet(self, "MyPublicSubnet",
    availability_zone="availabilityZone",
    cidr_block="cidrBlock",
    vpc_id="vpcId",

    # the properties below are optional
    assign_ipv6_address_on_creation=False,
    ipv6_cidr_block="ipv6CidrBlock",
    map_public_ip_on_launch=False
)
Parameters:
  • scope (Construct) –

  • id (str) –

  • availability_zone (str) – The availability zone for the subnet.

  • cidr_block (str) – The CIDR notation for this subnet.

  • vpc_id (str) – The VPC which this subnet is part of.

  • assign_ipv6_address_on_creation (Optional[bool]) – Indicates whether a network interface created in this subnet receives an IPv6 address. If you specify AssignIpv6AddressOnCreation, you must also specify Ipv6CidrBlock. Default: false

  • ipv6_cidr_block (Optional[str]) – The IPv6 CIDR block. If you specify AssignIpv6AddressOnCreation, you must also specify Ipv6CidrBlock. Default: - no IPv6 CIDR block.

  • map_public_ip_on_launch (Optional[bool]) – Controls if a public IP is associated to an instance at launch. Default: true in Subnet.Public, false in Subnet.Private or Subnet.Isolated.

Methods

add_default_internet_route(gateway_id, gateway_attachment)

Create a default route that points to a passed IGW, with a dependency on the IGW’s attachment to the VPC.

Parameters:
  • gateway_id (str) – the logical ID (ref) of the gateway attached to your VPC.

  • gateway_attachment (IDependable) – the gateway attachment construct to be added as a dependency.

Return type:

None

add_default_nat_route(nat_gateway_id)

Adds an entry to this subnets route table that points to the passed NATGatewayId.

Parameters:

nat_gateway_id (str) – The ID of the NAT gateway.

Return type:

None

add_ipv6_default_egress_only_internet_route(gateway_id)

Create a default IPv6 route that points to a passed EIGW.

Parameters:

gateway_id (str) – the logical ID (ref) of the gateway attached to your VPC.

Return type:

None

add_ipv6_default_internet_route(gateway_id)

Create a default IPv6 route that points to a passed IGW.

Parameters:

gateway_id (str) – the logical ID (ref) of the gateway attached to your VPC.

Return type:

None

add_ipv6_nat64_route(nat_gateway_id)

Adds an entry to this subnets route table that points to the passed NATGatewayId.

Uses the known 64:ff9b::/96 prefix.

Parameters:

nat_gateway_id (str) – The ID of the NAT gateway.

Return type:

None

add_nat_gateway(eip_allocation_id=None)

Creates a new managed NAT gateway attached to this public subnet.

Also adds the EIP for the managed NAT.

Parameters:

eip_allocation_id (Optional[str]) –

Return type:

CfnNatGateway

Returns:

A ref to the the NAT Gateway ID

add_route(id, *, router_id, router_type, destination_cidr_block=None, destination_ipv6_cidr_block=None, enables_internet_connectivity=None)

Adds an entry to this subnets route table.

Parameters:
  • id (str) –

  • router_id (str) – The ID of the router. Can be an instance ID, gateway ID, etc, depending on the router type.

  • router_type (RouterType) – What type of router to route this traffic to.

  • destination_cidr_block (Optional[str]) – IPv4 range this route applies to. Default: ‘0.0.0.0/0’

  • destination_ipv6_cidr_block (Optional[str]) – IPv6 range this route applies to. Default: - Uses IPv6

  • enables_internet_connectivity (Optional[bool]) – Whether this route will enable internet connectivity. If true, this route will be added before any AWS resources that depend on internet connectivity in the VPC will be created. Default: false

Return type:

None

apply_removal_policy(policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:

policy (RemovalPolicy) –

Return type:

None

associate_network_acl(id, network_acl)

Associate a Network ACL with this subnet.

Parameters:
Return type:

None

to_string()

Returns a string representation of this construct.

Return type:

str

Attributes

availability_zone

The Availability Zone the subnet is located in.

dependency_elements

Parts of this VPC subnet.

env

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

internet_connectivity_established

Dependable that can be depended upon to force internet connectivity established on the VPC.

ipv4_cidr_block

The IPv4 CIDR block for this subnet.

Attribute:

true

network_acl

Network ACL associated with this Subnet.

Upon creation, this is the default ACL which allows all traffic, except explicit DENY entries that you add.

You can replace it with a custom ACL which denies all traffic except the explicit ALLOW entries that you add by creating a NetworkAcl object and calling associateNetworkAcl().

node

The tree node.

route_table

The routeTableId attached to this subnet.

stack

The stack in which this resource is defined.

subnet_availability_zone

true

Type:

attribute

subnet_id

The subnetId for this particular subnet.

subnet_ipv6_cidr_blocks

true

Type:

attribute

subnet_network_acl_association_id

true

Type:

attribute

subnet_outpost_arn

The Amazon Resource Name (ARN) of the Outpost for this subnet (if one exists).

Attribute:

true

subnet_vpc_id

true

Type:

attribute

Static Methods

classmethod from_public_subnet_attributes(scope, id, *, subnet_id, availability_zone=None, ipv4_cidr_block=None, route_table_id=None)
Parameters:
  • scope (Construct) –

  • id (str) –

  • subnet_id (str) – The subnetId for this particular subnet.

  • availability_zone (Optional[str]) – The Availability Zone the subnet is located in. Default: - No AZ information, cannot use AZ selection features

  • ipv4_cidr_block (Optional[str]) – The IPv4 CIDR block associated with the subnet. Default: - No CIDR information, cannot use CIDR filter features

  • route_table_id (Optional[str]) – The ID of the route table for this particular subnet. Default: - No route table information, cannot create VPC endpoints

Return type:

IPublicSubnet

classmethod from_subnet_attributes(scope, id, *, subnet_id, availability_zone=None, ipv4_cidr_block=None, route_table_id=None)
Parameters:
  • scope (Construct) –

  • id (str) –

  • subnet_id (str) – The subnetId for this particular subnet.

  • availability_zone (Optional[str]) – The Availability Zone the subnet is located in. Default: - No AZ information, cannot use AZ selection features

  • ipv4_cidr_block (Optional[str]) – The IPv4 CIDR block associated with the subnet. Default: - No CIDR information, cannot use CIDR filter features

  • route_table_id (Optional[str]) – The ID of the route table for this particular subnet. Default: - No route table information, cannot create VPC endpoints

Return type:

ISubnet

classmethod from_subnet_id(scope, id, subnet_id)

Import existing subnet from id.

Parameters:
  • scope (Construct) –

  • id (str) –

  • subnet_id (str) –

Return type:

ISubnet

classmethod is_construct(x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Construct.

classmethod is_owned_resource(construct)

Returns true if the construct was created by CDK, and false otherwise.

Parameters:

construct (IConstruct) –

Return type:

bool

classmethod is_resource(construct)

Check whether the given construct is a Resource.

Parameters:

construct (IConstruct) –

Return type:

bool

classmethod is_vpc_subnet(x)
Parameters:

x (Any) –

Return type:

bool