NatInstanceProps

class aws_cdk.aws_ec2.NatInstanceProps(*, instance_type, allow_all_traffic=None, default_allowed_traffic=None, key_name=None, machine_image=None, security_group=None)

Bases: object

Properties for a NAT instance.

Parameters:

  • instance_type (InstanceType) – Instance type of the NAT instance.

  • allow_all_traffic (Optional[bool]) – (deprecated) Allow all inbound traffic through the NAT instance. If you set this to false, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc. Default: true

  • default_allowed_traffic (Optional[NatTrafficDirection]) – Direction to allow all traffic through the NAT instance by default. By default, inbound and outbound traffic is allowed. If you set this to another value than INBOUND_AND_OUTBOUND, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc. Default: NatTrafficDirection.INBOUND_AND_OUTBOUND

  • key_name (Optional[str]) – Name of SSH keypair to grant access to instance. Default: - No SSH access will be possible.

  • machine_image (Optional[IMachineImage]) – The machine image (AMI) to use. By default, will do an AMI lookup for the latest NAT instance image. If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:: ec2.NatProvider.instance({ instanceType: new ec2.InstanceType(‘t3.micro’), machineImage: new ec2.GenericLinuxImage({ ‘us-east-2’: ‘ami-0f9c61b5a562a16af’ }) }) Default: - Latest NAT instance image

  • security_group (Optional[ISecurityGroup]) – Security Group for NAT instances. Default: - A new security group will be created

ExampleMetadata:

lit=test/integ.nat-instances.lit.ts infused

Example:

# Configure the `natGatewayProvider` when defining a Vpc
nat_gateway_provider = ec2.NatProvider.instance(
    instance_type=ec2.InstanceType("t3.small")
)

vpc = ec2.Vpc(self, "MyVpc",
    nat_gateway_provider=nat_gateway_provider,

    # The 'natGateways' parameter now controls the number of NAT instances
    nat_gateways=2
)

Attributes

allow_all_traffic

(deprecated) Allow all inbound traffic through the NAT instance.

If you set this to false, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc.

Default:

true

Deprecated:

  • Use defaultAllowedTraffic.

Stability:

deprecated

default_allowed_traffic

Direction to allow all traffic through the NAT instance by default.

By default, inbound and outbound traffic is allowed.

If you set this to another value than INBOUND_AND_OUTBOUND, you must configure the NAT instance’s security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc.

Default:

NatTrafficDirection.INBOUND_AND_OUTBOUND

instance_type

Instance type of the NAT instance.

key_name

Name of SSH keypair to grant access to instance.

Default:

  • No SSH access will be possible.

machine_image

The machine image (AMI) to use.

By default, will do an AMI lookup for the latest NAT instance image.

If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:

ec2.NatProvider.instance(
    instance_type=ec2.InstanceType("t3.micro"),
    machine_image=ec2.GenericLinuxImage({
        "us-east-2": "ami-0f9c61b5a562a16af"
    })
)
Default:

  • Latest NAT instance image

security_group

Security Group for NAT instances.

Default:

  • A new security group will be created