aws-cdk-lib.aws_ec2.NatInstanceProps

interface NatInstanceProps

LanguageType name
.NETAmazon.CDK.AWS.EC2.NatInstanceProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsec2#NatInstanceProps
Javasoftware.amazon.awscdk.services.ec2.NatInstanceProps
Pythonaws_cdk.aws_ec2.NatInstanceProps
TypeScript (source)aws-cdk-lib » aws_ec2 » NatInstanceProps

Properties for a NAT instance.

Example

    // Configure the `natGatewayProvider` when defining a Vpc
    const natGatewayProvider = ec2.NatProvider.instance({
      instanceType: new ec2.InstanceType('t3.small'),
    });

    const vpc = new ec2.Vpc(this, 'MyVpc', {
      natGatewayProvider,

      // The 'natGateways' parameter now controls the number of NAT instances
      natGateways: 2,
    });

Properties

NameTypeDescription
instanceTypeInstanceTypeInstance type of the NAT instance.
defaultAllowedTraffic?NatTrafficDirectionDirection to allow all traffic through the NAT instance by default.
keyName?stringName of SSH keypair to grant access to instance.
machineImage?IMachineImageThe machine image (AMI) to use.
securityGroup?ISecurityGroupSecurity Group for NAT instances.

instanceType

Type: InstanceType

Instance type of the NAT instance.


defaultAllowedTraffic?

Type: NatTrafficDirection (optional, default: NatTrafficDirection.INBOUND_AND_OUTBOUND)

Direction to allow all traffic through the NAT instance by default.

By default, inbound and outbound traffic is allowed.

If you set this to another value than INBOUND_AND_OUTBOUND, you must configure the NAT instance's security groups in another way, either by passing in a fully configured Security Group using the securityGroup property, or by configuring it using the .securityGroup or .connections members after passing the NAT Instance Provider to a Vpc.


keyName?

Type: string (optional, default: No SSH access will be possible.)

Name of SSH keypair to grant access to instance.


machineImage?

Type: IMachineImage (optional, default: Latest NAT instance image)

The machine image (AMI) to use.

By default, will do an AMI lookup for the latest NAT instance image.

If you have a specific AMI ID you want to use, pass a GenericLinuxImage. For example:

ec2.NatProvider.instance({
  instanceType: new ec2.InstanceType('t3.micro'),
  machineImage: new ec2.GenericLinuxImage({
    'us-east-2': 'ami-0f9c61b5a562a16af'
  })
})

securityGroup?

Type: ISecurityGroup (optional, default: A new security group will be created)

Security Group for NAT instances.