CfnVPCEncryptionControlProps

class aws_cdk.aws_ec2.CfnVPCEncryptionControlProps(*, egress_only_internet_gateway_exclusion_input=None, elastic_file_system_exclusion_input=None, internet_gateway_exclusion_input=None, lambda_exclusion_input=None, mode=None, nat_gateway_exclusion_input=None, tags=None, virtual_private_gateway_exclusion_input=None, vpc_id=None, vpc_lattice_exclusion_input=None, vpc_peering_exclusion_input=None)

Bases: object

Properties for defining a CfnVPCEncryptionControl.

Parameters:

egress_only_internet_gateway_exclusion_input (Optional[str]) – Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
elastic_file_system_exclusion_input (Optional[str]) – Specifies whether to exclude Elastic File System traffic from encryption enforcement.
internet_gateway_exclusion_input (Optional[str]) – Specifies whether to exclude internet gateway traffic from encryption enforcement.
lambda_exclusion_input (Optional[str]) – Specifies whether to exclude Lambda function traffic from encryption enforcement.
mode (Optional[str]) – The encryption mode for the VPC Encryption Control configuration.
nat_gateway_exclusion_input (Optional[str]) – Specifies whether to exclude NAT gateway traffic from encryption enforcement.
tags (Optional[Sequence[Union[CfnTag, Dict[str, Any]]]]) – The tags assigned to the VPC Encryption Control configuration.
virtual_private_gateway_exclusion_input (Optional[str]) – Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
vpc_id (Optional[str]) – The ID of the VPC for which to create the encryption control configuration.
vpc_lattice_exclusion_input (Optional[str]) – Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
vpc_peering_exclusion_input (Optional[str]) – Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_ec2 as ec2

cfn_vPCEncryption_control_props = ec2.CfnVPCEncryptionControlProps(
    egress_only_internet_gateway_exclusion_input="egressOnlyInternetGatewayExclusionInput",
    elastic_file_system_exclusion_input="elasticFileSystemExclusionInput",
    internet_gateway_exclusion_input="internetGatewayExclusionInput",
    lambda_exclusion_input="lambdaExclusionInput",
    mode="mode",
    nat_gateway_exclusion_input="natGatewayExclusionInput",
    tags=[CfnTag(
        key="key",
        value="value"
    )],
    virtual_private_gateway_exclusion_input="virtualPrivateGatewayExclusionInput",
    vpc_id="vpcId",
    vpc_lattice_exclusion_input="vpcLatticeExclusionInput",
    vpc_peering_exclusion_input="vpcPeeringExclusionInput"
)

Attributes

egress_only_internet_gateway_exclusion_input

Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-egressonlyinternetgatewayexclusioninput

elastic_file_system_exclusion_input

Specifies whether to exclude Elastic File System traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-elasticfilesystemexclusioninput

internet_gateway_exclusion_input

Specifies whether to exclude internet gateway traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-internetgatewayexclusioninput

lambda_exclusion_input

Specifies whether to exclude Lambda function traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-lambdaexclusioninput

mode

The encryption mode for the VPC Encryption Control configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-mode

nat_gateway_exclusion_input

Specifies whether to exclude NAT gateway traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-natgatewayexclusioninput

tags

The tags assigned to the VPC Encryption Control configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-tags

virtual_private_gateway_exclusion_input

Specifies whether to exclude virtual private gateway traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-virtualprivategatewayexclusioninput

vpc_id

The ID of the VPC for which to create the encryption control configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-vpcid

vpc_lattice_exclusion_input

Specifies whether to exclude VPC Lattice traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-vpclatticeexclusioninput

vpc_peering_exclusion_input

Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcencryptioncontrol.html#cfn-ec2-vpcencryptioncontrol-vpcpeeringexclusioninput