aws-cdk-lib.aws_ec2.CfnInstance

class CfnInstance (construct)

LanguageType name
.NETAmazon.CDK.AWS.EC2.CfnInstance
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsec2#CfnInstance
Javasoftware.amazon.awscdk.services.ec2.CfnInstance
Pythonaws_cdk.aws_ec2.CfnInstance
TypeScript aws-cdk-lib » aws_ec2 » CfnInstance

Implements IConstruct, IDependable, IInspectable

A CloudFormation AWS::EC2::Instance.

Specifies an EC2 instance.

If an Elastic IP address is attached to your instance, AWS CloudFormation reattaches the Elastic IP address after it updates the instance. For more information about updating stacks, see AWS CloudFormation Stacks Updates .

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_ec2 as ec2 } from 'aws-cdk-lib';
const cfnInstance = new ec2.CfnInstance(this, 'MyCfnInstance', /* all optional props */ {
  additionalInfo: 'additionalInfo',
  affinity: 'affinity',
  availabilityZone: 'availabilityZone',
  blockDeviceMappings: [{
    deviceName: 'deviceName',

    // the properties below are optional
    ebs: {
      deleteOnTermination: false,
      encrypted: false,
      iops: 123,
      kmsKeyId: 'kmsKeyId',
      snapshotId: 'snapshotId',
      volumeSize: 123,
      volumeType: 'volumeType',
    },
    noDevice: { },
    virtualName: 'virtualName',
  }],
  cpuOptions: {
    coreCount: 123,
    threadsPerCore: 123,
  },
  creditSpecification: {
    cpuCredits: 'cpuCredits',
  },
  disableApiTermination: false,
  ebsOptimized: false,
  elasticGpuSpecifications: [{
    type: 'type',
  }],
  elasticInferenceAccelerators: [{
    type: 'type',

    // the properties below are optional
    count: 123,
  }],
  enclaveOptions: {
    enabled: false,
  },
  hibernationOptions: {
    configured: false,
  },
  hostId: 'hostId',
  hostResourceGroupArn: 'hostResourceGroupArn',
  iamInstanceProfile: 'iamInstanceProfile',
  imageId: 'imageId',
  instanceInitiatedShutdownBehavior: 'instanceInitiatedShutdownBehavior',
  instanceType: 'instanceType',
  ipv6AddressCount: 123,
  ipv6Addresses: [{
    ipv6Address: 'ipv6Address',
  }],
  kernelId: 'kernelId',
  keyName: 'keyName',
  launchTemplate: {
    version: 'version',

    // the properties below are optional
    launchTemplateId: 'launchTemplateId',
    launchTemplateName: 'launchTemplateName',
  },
  licenseSpecifications: [{
    licenseConfigurationArn: 'licenseConfigurationArn',
  }],
  monitoring: false,
  networkInterfaces: [{
    deviceIndex: 'deviceIndex',

    // the properties below are optional
    associateCarrierIpAddress: false,
    associatePublicIpAddress: false,
    deleteOnTermination: false,
    description: 'description',
    groupSet: ['groupSet'],
    ipv6AddressCount: 123,
    ipv6Addresses: [{
      ipv6Address: 'ipv6Address',
    }],
    networkInterfaceId: 'networkInterfaceId',
    privateIpAddress: 'privateIpAddress',
    privateIpAddresses: [{
      primary: false,
      privateIpAddress: 'privateIpAddress',
    }],
    secondaryPrivateIpAddressCount: 123,
    subnetId: 'subnetId',
  }],
  placementGroupName: 'placementGroupName',
  privateDnsNameOptions: {
    enableResourceNameDnsAaaaRecord: false,
    enableResourceNameDnsARecord: false,
    hostnameType: 'hostnameType',
  },
  privateIpAddress: 'privateIpAddress',
  propagateTagsToVolumeOnCreation: false,
  ramdiskId: 'ramdiskId',
  securityGroupIds: ['securityGroupIds'],
  securityGroups: ['securityGroups'],
  sourceDestCheck: false,
  ssmAssociations: [{
    documentName: 'documentName',

    // the properties below are optional
    associationParameters: [{
      key: 'key',
      value: ['value'],
    }],
  }],
  subnetId: 'subnetId',
  tags: [{
    key: 'key',
    value: 'value',
  }],
  tenancy: 'tenancy',
  userData: 'userData',
  volumes: [{
    device: 'device',
    volumeId: 'volumeId',
  }],
});

Initializer

new CfnInstance(scope: Construct, id: string, props?: CfnInstanceProps)

Parameters

  • scope Construct — - scope in which this resource is defined.
  • id string — - scoped id of the resource.
  • props CfnInstanceProps — - resource properties.

Create a new AWS::EC2::Instance.

Construct Props

NameTypeDescription
additionalInfo?stringThis property is reserved for internal use.
affinity?stringIndicates whether the instance is associated with a dedicated host.
availabilityZone?stringThe Availability Zone of the instance.
blockDeviceMappings?IResolvable | IResolvable | BlockDeviceMappingProperty[]The block device mapping entries that defines the block devices to attach to the instance at launch.
cpuOptions?IResolvable | CpuOptionsPropertyThe CPU options for the instance.
creditSpecification?IResolvable | CreditSpecificationPropertyThe credit option for CPU usage of the burstable performance instance.
disableApiTermination?boolean | IResolvableIf you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API;
ebsOptimized?boolean | IResolvableIndicates whether the instance is optimized for Amazon EBS I/O.
elasticGpuSpecifications?IResolvable | IResolvable | ElasticGpuSpecificationProperty[]An elastic GPU to associate with the instance.
elasticInferenceAccelerators?IResolvable | IResolvable | ElasticInferenceAcceleratorProperty[]An elastic inference accelerator to associate with the instance.
enclaveOptions?IResolvable | EnclaveOptionsPropertyIndicates whether the instance is enabled for AWS Nitro Enclaves.
hibernationOptions?IResolvable | HibernationOptionsPropertyIndicates whether an instance is enabled for hibernation.
hostId?stringIf you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with.
hostResourceGroupArn?stringThe ARN of the host resource group in which to launch the instances.
iamInstanceProfile?stringThe name of an IAM instance profile.
imageId?stringThe ID of the AMI.
instanceInitiatedShutdownBehavior?stringIndicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
instanceType?stringThe instance type. For more information, see Instance types in the Amazon EC2 User Guide .
ipv6AddressCount?numberThe number of IPv6 addresses to associate with the primary network interface.
ipv6Addresses?IResolvable | IResolvable | InstanceIpv6AddressProperty[]The IPv6 addresses from the range of the subnet to associate with the primary network interface.
kernelId?stringThe ID of the kernel.
keyName?stringThe name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair .
launchTemplate?IResolvable | LaunchTemplateSpecificationPropertyThe launch template to use to launch the instances.
licenseSpecifications?IResolvable | IResolvable | LicenseSpecificationProperty[]The license configurations.
monitoring?boolean | IResolvableSpecifies whether detailed monitoring is enabled for the instance.
networkInterfaces?IResolvable | IResolvable | NetworkInterfaceProperty[]The network interfaces to associate with the instance.
placementGroupName?stringThe name of an existing placement group that you want to launch the instance into (clusterpartitionspread).
privateDnsNameOptions?IResolvable | PrivateDnsNameOptionsPropertyThe options for the instance hostname.
privateIpAddress?stringThe primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.
propagateTagsToVolumeOnCreation?boolean | IResolvableIndicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch.
ramdiskId?stringThe ID of the RAM disk to select.
securityGroupIds?string[]The IDs of the security groups.
securityGroups?string[][Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.
sourceDestCheck?boolean | IResolvableEnable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives.
ssmAssociations?IResolvable | IResolvable | SsmAssociationProperty[]The SSM document and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see Create an IAM instance profile for Systems Manager in the AWS Systems Manager User Guide .
subnetId?stringThe ID of the subnet to launch the instance into.
tags?CfnTag[]The tags to add to the instance.
tenancy?stringThe tenancy of the instance.
userData?stringThe user data script to make available to the instance.
volumes?IResolvable | IResolvable | VolumeProperty[]The volumes to attach to the instance.

additionalInfo?

Type: string (optional)

This property is reserved for internal use.

If you use it, the stack fails with this error: Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX) .


affinity?

Type: string (optional)

Indicates whether the instance is associated with a dedicated host.

If you want the instance to always restart on the same host on which it was launched, specify host . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify default .


availabilityZone?

Type: string (optional)

The Availability Zone of the instance.

If not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.

This parameter is not supported by DescribeImageAttribute .


blockDeviceMappings?

Type: IResolvable | IResolvable | BlockDeviceMappingProperty[] (optional)

The block device mapping entries that defines the block devices to attach to the instance at launch.

By default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the DeleteOnTermination setting.

After the instance is running, you can modify only the DeleteOnTermination parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance replacement .


cpuOptions?

Type: IResolvable | CpuOptionsProperty (optional)

The CPU options for the instance.

For more information, see Optimize CPU options in the Amazon Elastic Compute Cloud User Guide .


creditSpecification?

Type: IResolvable | CreditSpecificationProperty (optional)

The credit option for CPU usage of the burstable performance instance.

Valid values are standard and unlimited . To change this attribute after launch, use ModifyInstanceCreditSpecification . For more information, see Burstable performance instances in the Amazon EC2 User Guide .

Default: standard (T2 instances) or unlimited (T3/T3a/T4g instances)

For T3 instances with host tenancy, only standard is supported.


disableApiTermination?

Type: boolean | IResolvable (optional)

If you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API;

otherwise, you can. To change this attribute after launch, use ModifyInstanceAttribute . Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate , you can terminate the instance by running the shutdown command from the instance.

Default: false


ebsOptimized?

Type: boolean | IResolvable (optional)

Indicates whether the instance is optimized for Amazon EBS I/O.

This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.

Default: false


elasticGpuSpecifications?

Type: IResolvable | IResolvable | ElasticGpuSpecificationProperty[] (optional)

An elastic GPU to associate with the instance.

An Elastic GPU is a GPU resource that you can attach to your Windows instance to accelerate the graphics performance of your applications. For more information, see Amazon EC2 Elastic GPUs in the Amazon EC2 User Guide .


elasticInferenceAccelerators?

Type: IResolvable | IResolvable | ElasticInferenceAcceleratorProperty[] (optional)

An elastic inference accelerator to associate with the instance.

Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.

You cannot specify accelerators from different generations in the same request.

Starting April 15, 2023, AWS will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.


enclaveOptions?

Type: IResolvable | EnclaveOptionsProperty (optional)

Indicates whether the instance is enabled for AWS Nitro Enclaves.


hibernationOptions?

Type: IResolvable | HibernationOptionsProperty (optional)

Indicates whether an instance is enabled for hibernation.

This parameter is valid only if the instance meets the hibernation prerequisites . For more information, see Hibernate your instance in the Amazon EC2 User Guide .

You can't enable hibernation and AWS Nitro Enclaves on the same instance.


hostId?

Type: string (optional)

If you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with.

If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.


hostResourceGroupArn?

Type: string (optional)

The ARN of the host resource group in which to launch the instances.

If you specify a host resource group ARN, omit the Tenancy parameter or set it to host .


iamInstanceProfile?

Type: string (optional)

The name of an IAM instance profile.

To create a new IAM instance profile, use the AWS::IAM::InstanceProfile resource.


imageId?

Type: string (optional)

The ID of the AMI.

An AMI ID is required to launch an instance and must be specified here or in a launch template.


instanceInitiatedShutdownBehavior?

Type: string (optional)

Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).

Default: stop


instanceType?

Type: string (optional)

The instance type. For more information, see Instance types in the Amazon EC2 User Guide .

When you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance that's backed by an instance store volume is always replaced. For more information, see Change the instance type in the Amazon EC2 User Guide .

Default: m1.small


ipv6AddressCount?

Type: number (optional)

The number of IPv6 addresses to associate with the primary network interface.

Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.

You cannot specify this option and the network interfaces option in the same request.


ipv6Addresses?

Type: IResolvable | IResolvable | InstanceIpv6AddressProperty[] (optional)

The IPv6 addresses from the range of the subnet to associate with the primary network interface.

You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.

You cannot specify this option and the network interfaces option in the same request.


kernelId?

Type: string (optional)

The ID of the kernel.

We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB in the Amazon EC2 User Guide .


keyName?

Type: string (optional)

The name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair .

If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.


launchTemplate?

Type: IResolvable | LaunchTemplateSpecificationProperty (optional)

The launch template to use to launch the instances.

Any parameters that you specify in the AWS CloudFormation template override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.


licenseSpecifications?

Type: IResolvable | IResolvable | LicenseSpecificationProperty[] (optional)

The license configurations.


monitoring?

Type: boolean | IResolvable (optional)

Specifies whether detailed monitoring is enabled for the instance.

Specify true to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see Enable or turn off detailed monitoring for your instances in the Amazon EC2 User Guide .


networkInterfaces?

Type: IResolvable | IResolvable | NetworkInterfaceProperty[] (optional)

The network interfaces to associate with the instance.

If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.

If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the DependsOn Attribute to declare a dependency on the VPC-gateway attachment.


placementGroupName?

Type: string (optional)

The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).


privateDnsNameOptions?

Type: IResolvable | PrivateDnsNameOptionsProperty (optional)

The options for the instance hostname.


privateIpAddress?

Type: string (optional)

The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.

Only one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.

You cannot specify this option and the network interfaces option in the same request.

If you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.


propagateTagsToVolumeOnCreation?

Type: boolean | IResolvable (optional)

Indicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch.

If you specify true and you assign tags to the instance, those tags are automatically assigned to all of the volumes that you attach to the instance at launch. If you specify false , those tags are not assigned to the attached volumes.


ramdiskId?

Type: string (optional)

The ID of the RAM disk to select.

Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.

We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB in the Amazon EC2 User Guide .


securityGroupIds?

Type: string[] (optional)

The IDs of the security groups.

You can specify the IDs of existing security groups and references to resources created by the stack template.

If you specify a network interface, you must specify any security groups as part of the network interface.


securityGroups?

Type: string[] (optional)

[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.

You cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.

Default: Amazon EC2 uses the default security group.


sourceDestCheck?

Type: boolean | IResolvable (optional)

Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives.

If the value is true , source/destination checks are enabled; otherwise, they are disabled. The default value is true . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.


ssmAssociations?

Type: IResolvable | IResolvable | SsmAssociationProperty[] (optional)

The SSM document and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see Create an IAM instance profile for Systems Manager in the AWS Systems Manager User Guide .

You can currently associate only one document with an instance.


subnetId?

Type: string (optional)

The ID of the subnet to launch the instance into.

If you specify a network interface, you must specify any subnets as part of the network interface.


tags?

Type: CfnTag[] (optional)

The tags to add to the instance.

These tags are not applied to the EBS volumes, such as the root volume, unless PropagateTagsToVolumeOnCreation is true .


tenancy?

Type: string (optional)

The tenancy of the instance.

An instance with a tenancy of dedicated runs on single-tenant hardware.


userData?

Type: string (optional)

The user data script to make available to the instance.

User data is limited to 16 KB. You must provide base64-encoded text. For more information, see Fn::Base64 .

User data runs only at instance launch. For more information, see Run commands on your Linux instance at launch and Run commands on your Windows instance at launch .


volumes?

Type: IResolvable | IResolvable | VolumeProperty[] (optional)

The volumes to attach to the instance.

Properties

NameTypeDescription
attrAvailabilityZonestringThe Availability Zone where the specified instance is launched. For example: us-east-1b .
attrPrivateDnsNamestringThe private DNS name of the specified instance.
attrPrivateIpstringThe private IP address of the specified instance.
attrPublicDnsNamestringThe public DNS name of the specified instance.
attrPublicIpstringThe public IP address of the specified instance.
cfnOptionsICfnResourceOptionsOptions for this resource, such as condition, update policy etc.
cfnProperties{ [string]: any }
cfnResourceTypestringAWS resource type.
creationStackstring[]
logicalIdstringThe logical ID for this CloudFormation stack element.
nodeNodeThe tree node.
refstringReturn a string that will be resolved to a CloudFormation { Ref } for this element.
stackStackThe stack in which this element is defined.
tagsTagManagerThe tags to add to the instance.
additionalInfo?stringThis property is reserved for internal use.
affinity?stringIndicates whether the instance is associated with a dedicated host.
availabilityZone?stringThe Availability Zone of the instance.
blockDeviceMappings?IResolvable | IResolvable | BlockDeviceMappingProperty[]The block device mapping entries that defines the block devices to attach to the instance at launch.
cpuOptions?IResolvable | CpuOptionsPropertyThe CPU options for the instance.
creditSpecification?IResolvable | CreditSpecificationPropertyThe credit option for CPU usage of the burstable performance instance.
disableApiTermination?boolean | IResolvableIf you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API;
ebsOptimized?boolean | IResolvableIndicates whether the instance is optimized for Amazon EBS I/O.
elasticGpuSpecifications?IResolvable | IResolvable | ElasticGpuSpecificationProperty[]An elastic GPU to associate with the instance.
elasticInferenceAccelerators?IResolvable | IResolvable | ElasticInferenceAcceleratorProperty[]An elastic inference accelerator to associate with the instance.
enclaveOptions?IResolvable | EnclaveOptionsPropertyIndicates whether the instance is enabled for AWS Nitro Enclaves.
hibernationOptions?IResolvable | HibernationOptionsPropertyIndicates whether an instance is enabled for hibernation.
hostId?stringIf you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with.
hostResourceGroupArn?stringThe ARN of the host resource group in which to launch the instances.
iamInstanceProfile?stringThe name of an IAM instance profile.
imageId?stringThe ID of the AMI.
instanceInitiatedShutdownBehavior?stringIndicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
instanceType?stringThe instance type. For more information, see Instance types in the Amazon EC2 User Guide .
ipv6AddressCount?numberThe number of IPv6 addresses to associate with the primary network interface.
ipv6Addresses?IResolvable | IResolvable | InstanceIpv6AddressProperty[]The IPv6 addresses from the range of the subnet to associate with the primary network interface.
kernelId?stringThe ID of the kernel.
keyName?stringThe name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair .
launchTemplate?IResolvable | LaunchTemplateSpecificationPropertyThe launch template to use to launch the instances.
licenseSpecifications?IResolvable | IResolvable | LicenseSpecificationProperty[]The license configurations.
monitoring?boolean | IResolvableSpecifies whether detailed monitoring is enabled for the instance.
networkInterfaces?IResolvable | IResolvable | NetworkInterfaceProperty[]The network interfaces to associate with the instance.
placementGroupName?stringThe name of an existing placement group that you want to launch the instance into (clusterpartitionspread).
privateDnsNameOptions?IResolvable | PrivateDnsNameOptionsPropertyThe options for the instance hostname.
privateIpAddress?stringThe primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.
propagateTagsToVolumeOnCreation?boolean | IResolvableIndicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch.
ramdiskId?stringThe ID of the RAM disk to select.
securityGroupIds?string[]The IDs of the security groups.
securityGroups?string[][Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.
sourceDestCheck?boolean | IResolvableEnable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives.
ssmAssociations?IResolvable | IResolvable | SsmAssociationProperty[]The SSM document and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see Create an IAM instance profile for Systems Manager in the AWS Systems Manager User Guide .
subnetId?stringThe ID of the subnet to launch the instance into.
tenancy?stringThe tenancy of the instance.
userData?stringThe user data script to make available to the instance.
volumes?IResolvable | IResolvable | VolumeProperty[]The volumes to attach to the instance.
static CFN_RESOURCE_TYPE_NAMEstringThe CloudFormation resource type name for this resource class.

attrAvailabilityZone

Type: string

The Availability Zone where the specified instance is launched. For example: us-east-1b .

You can retrieve a list of all Availability Zones for a Region by using the Fn::GetAZs intrinsic function.


attrPrivateDnsName

Type: string

The private DNS name of the specified instance.

For example: ip-10-24-34-0.ec2.internal .


attrPrivateIp

Type: string

The private IP address of the specified instance.

For example: 10.24.34.0 .


attrPublicDnsName

Type: string

The public DNS name of the specified instance.

For example: ec2-107-20-50-45.compute-1.amazonaws.com .


attrPublicIp

Type: string

The public IP address of the specified instance.

For example: 192.0.2.0 .


cfnOptions

Type: ICfnResourceOptions

Options for this resource, such as condition, update policy etc.


cfnProperties

Type: { [string]: any }


cfnResourceType

Type: string

AWS resource type.


creationStack

Type: string[]


logicalId

Type: string

The logical ID for this CloudFormation stack element.

The logical ID of the element is calculated from the path of the resource node in the construct tree.

To override this value, use overrideLogicalId(newLogicalId).


node

Type: Node

The tree node.


ref

Type: string

Return a string that will be resolved to a CloudFormation { Ref } for this element.

If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through Lazy.any({ produce: resource.ref }).


stack

Type: Stack

The stack in which this element is defined.

CfnElements must be defined within a stack scope (directly or indirectly).


tags

Type: TagManager

The tags to add to the instance.

These tags are not applied to the EBS volumes, such as the root volume, unless PropagateTagsToVolumeOnCreation is true .


additionalInfo?

Type: string (optional)

This property is reserved for internal use.

If you use it, the stack fails with this error: Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX) .


affinity?

Type: string (optional)

Indicates whether the instance is associated with a dedicated host.

If you want the instance to always restart on the same host on which it was launched, specify host . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify default .


availabilityZone?

Type: string (optional)

The Availability Zone of the instance.

If not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.

This parameter is not supported by DescribeImageAttribute .


blockDeviceMappings?

Type: IResolvable | IResolvable | BlockDeviceMappingProperty[] (optional)

The block device mapping entries that defines the block devices to attach to the instance at launch.

By default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the DeleteOnTermination setting.

After the instance is running, you can modify only the DeleteOnTermination parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance replacement .


cpuOptions?

Type: IResolvable | CpuOptionsProperty (optional)

The CPU options for the instance.

For more information, see Optimize CPU options in the Amazon Elastic Compute Cloud User Guide .


creditSpecification?

Type: IResolvable | CreditSpecificationProperty (optional)

The credit option for CPU usage of the burstable performance instance.

Valid values are standard and unlimited . To change this attribute after launch, use ModifyInstanceCreditSpecification . For more information, see Burstable performance instances in the Amazon EC2 User Guide .

Default: standard (T2 instances) or unlimited (T3/T3a/T4g instances)

For T3 instances with host tenancy, only standard is supported.


disableApiTermination?

Type: boolean | IResolvable (optional)

If you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API;

otherwise, you can. To change this attribute after launch, use ModifyInstanceAttribute . Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate , you can terminate the instance by running the shutdown command from the instance.

Default: false


ebsOptimized?

Type: boolean | IResolvable (optional)

Indicates whether the instance is optimized for Amazon EBS I/O.

This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.

Default: false


elasticGpuSpecifications?

Type: IResolvable | IResolvable | ElasticGpuSpecificationProperty[] (optional)

An elastic GPU to associate with the instance.

An Elastic GPU is a GPU resource that you can attach to your Windows instance to accelerate the graphics performance of your applications. For more information, see Amazon EC2 Elastic GPUs in the Amazon EC2 User Guide .


elasticInferenceAccelerators?

Type: IResolvable | IResolvable | ElasticInferenceAcceleratorProperty[] (optional)

An elastic inference accelerator to associate with the instance.

Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.

You cannot specify accelerators from different generations in the same request.

Starting April 15, 2023, AWS will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.


enclaveOptions?

Type: IResolvable | EnclaveOptionsProperty (optional)

Indicates whether the instance is enabled for AWS Nitro Enclaves.


hibernationOptions?

Type: IResolvable | HibernationOptionsProperty (optional)

Indicates whether an instance is enabled for hibernation.

This parameter is valid only if the instance meets the hibernation prerequisites . For more information, see Hibernate your instance in the Amazon EC2 User Guide .

You can't enable hibernation and AWS Nitro Enclaves on the same instance.


hostId?

Type: string (optional)

If you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with.

If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.


hostResourceGroupArn?

Type: string (optional)

The ARN of the host resource group in which to launch the instances.

If you specify a host resource group ARN, omit the Tenancy parameter or set it to host .


iamInstanceProfile?

Type: string (optional)

The name of an IAM instance profile.

To create a new IAM instance profile, use the AWS::IAM::InstanceProfile resource.


imageId?

Type: string (optional)

The ID of the AMI.

An AMI ID is required to launch an instance and must be specified here or in a launch template.


instanceInitiatedShutdownBehavior?

Type: string (optional)

Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).

Default: stop


instanceType?

Type: string (optional)

The instance type. For more information, see Instance types in the Amazon EC2 User Guide .

When you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance that's backed by an instance store volume is always replaced. For more information, see Change the instance type in the Amazon EC2 User Guide .

Default: m1.small


ipv6AddressCount?

Type: number (optional)

The number of IPv6 addresses to associate with the primary network interface.

Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.

You cannot specify this option and the network interfaces option in the same request.


ipv6Addresses?

Type: IResolvable | IResolvable | InstanceIpv6AddressProperty[] (optional)

The IPv6 addresses from the range of the subnet to associate with the primary network interface.

You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.

You cannot specify this option and the network interfaces option in the same request.


kernelId?

Type: string (optional)

The ID of the kernel.

We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB in the Amazon EC2 User Guide .


keyName?

Type: string (optional)

The name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair .

If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.


launchTemplate?

Type: IResolvable | LaunchTemplateSpecificationProperty (optional)

The launch template to use to launch the instances.

Any parameters that you specify in the AWS CloudFormation template override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.


licenseSpecifications?

Type: IResolvable | IResolvable | LicenseSpecificationProperty[] (optional)

The license configurations.


monitoring?

Type: boolean | IResolvable (optional)

Specifies whether detailed monitoring is enabled for the instance.

Specify true to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see Enable or turn off detailed monitoring for your instances in the Amazon EC2 User Guide .


networkInterfaces?

Type: IResolvable | IResolvable | NetworkInterfaceProperty[] (optional)

The network interfaces to associate with the instance.

If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.

If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the DependsOn Attribute to declare a dependency on the VPC-gateway attachment.


placementGroupName?

Type: string (optional)

The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).


privateDnsNameOptions?

Type: IResolvable | PrivateDnsNameOptionsProperty (optional)

The options for the instance hostname.


privateIpAddress?

Type: string (optional)

The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.

Only one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.

You cannot specify this option and the network interfaces option in the same request.

If you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.


propagateTagsToVolumeOnCreation?

Type: boolean | IResolvable (optional)

Indicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch.

If you specify true and you assign tags to the instance, those tags are automatically assigned to all of the volumes that you attach to the instance at launch. If you specify false , those tags are not assigned to the attached volumes.


ramdiskId?

Type: string (optional)

The ID of the RAM disk to select.

Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.

We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB in the Amazon EC2 User Guide .


securityGroupIds?

Type: string[] (optional)

The IDs of the security groups.

You can specify the IDs of existing security groups and references to resources created by the stack template.

If you specify a network interface, you must specify any security groups as part of the network interface.


securityGroups?

Type: string[] (optional)

[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.

You cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.

Default: Amazon EC2 uses the default security group.


sourceDestCheck?

Type: boolean | IResolvable (optional)

Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives.

If the value is true , source/destination checks are enabled; otherwise, they are disabled. The default value is true . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.


ssmAssociations?

Type: IResolvable | IResolvable | SsmAssociationProperty[] (optional)

The SSM document and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see Create an IAM instance profile for Systems Manager in the AWS Systems Manager User Guide .

You can currently associate only one document with an instance.


subnetId?

Type: string (optional)

The ID of the subnet to launch the instance into.

If you specify a network interface, you must specify any subnets as part of the network interface.


tenancy?

Type: string (optional)

The tenancy of the instance.

An instance with a tenancy of dedicated runs on single-tenant hardware.


userData?

Type: string (optional)

The user data script to make available to the instance.

User data is limited to 16 KB. You must provide base64-encoded text. For more information, see Fn::Base64 .

User data runs only at instance launch. For more information, see Run commands on your Linux instance at launch and Run commands on your Windows instance at launch .


volumes?

Type: IResolvable | IResolvable | VolumeProperty[] (optional)

The volumes to attach to the instance.


static CFN_RESOURCE_TYPE_NAME

Type: string

The CloudFormation resource type name for this resource class.

Methods

NameDescription
addDeletionOverride(path)Syntactic sugar for addOverride(path, undefined).
addDependency(target)Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
addDependsOn(target)⚠️Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
addMetadata(key, value)Add a value to the CloudFormation Resource Metadata.
addOverride(path, value)Adds an override to the synthesized CloudFormation resource.
addPropertyDeletionOverride(propertyPath)Adds an override that deletes the value of a property from the resource definition.
addPropertyOverride(propertyPath, value)Adds an override to a resource property.
applyRemovalPolicy(policy?, options?)Sets the deletion policy of the resource based on the removal policy specified.
getAtt(attributeName, typeHint?)Returns a token for an runtime attribute of this resource.
getMetadata(key)Retrieve a value value from the CloudFormation Resource Metadata.
inspect(inspector)Examines the CloudFormation resource and discloses attributes.
obtainDependencies()Retrieves an array of resources this resource depends on.
obtainResourceDependencies()Get a shallow copy of dependencies between this resource and other resources in the same stack.
overrideLogicalId(newLogicalId)Overrides the auto-generated logical ID with a specific ID.
removeDependency(target)Indicates that this resource no longer depends on another resource.
replaceDependency(target, newTarget)Replaces one dependency with another.
toString()Returns a string representation of this construct.
protected renderProperties(props)

addDeletionOverride(path)

public addDeletionOverride(path: string): void

Parameters

  • path string — The path of the value to delete.

Syntactic sugar for addOverride(path, undefined).


addDependency(target)

public addDependency(target: CfnResource): void

Parameters

  • target CfnResource

Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.

This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.


addDependsOn(target)⚠️

public addDependsOn(target: CfnResource): void

⚠️ Deprecated: use addDependency

Parameters

  • target CfnResource

Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.


addMetadata(key, value)

public addMetadata(key: string, value: any): void

Parameters

  • key string
  • value any

Add a value to the CloudFormation Resource Metadata.

See also: [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.)


addOverride(path, value)

public addOverride(path: string, value: any): void

Parameters

  • path string — - The path of the property, you can use dot notation to override values in complex types.
  • value any — - The value.

Adds an override to the synthesized CloudFormation resource.

To add a property override, either use addPropertyOverride or prefix path with "Properties." (i.e. Properties.TopicName).

If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.

To include a literal . in the property name, prefix with a \. In most programming languages you will need to write this as "\\." because the \ itself will need to be escaped.

For example,

cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');

would add the overrides

"Properties": {
  "GlobalSecondaryIndexes": [
    {
      "Projection": {
        "NonKeyAttributes": [ "myattribute" ]
        ...
      }
      ...
    },
    {
      "ProjectionType": "INCLUDE"
      ...
    },
  ]
  ...
}

The value argument to addOverride will not be processed or translated in any way. Pass raw JSON values in here with the correct capitalization for CloudFormation. If you pass CDK classes or structs, they will be rendered with lowercased key names, and CloudFormation will reject the template.


addPropertyDeletionOverride(propertyPath)

public addPropertyDeletionOverride(propertyPath: string): void

Parameters

  • propertyPath string — The path to the property.

Adds an override that deletes the value of a property from the resource definition.


addPropertyOverride(propertyPath, value)

public addPropertyOverride(propertyPath: string, value: any): void

Parameters

  • propertyPath string — The path of the property.
  • value any — The value.

Adds an override to a resource property.

Syntactic sugar for addOverride("Properties.<...>", value).


applyRemovalPolicy(policy?, options?)

public applyRemovalPolicy(policy?: RemovalPolicy, options?: RemovalPolicyOptions): void

Parameters

  • policy RemovalPolicy
  • options RemovalPolicyOptions

Sets the deletion policy of the resource based on the removal policy specified.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN). In some cases, a snapshot can be taken of the resource prior to deletion (RemovalPolicy.SNAPSHOT). A list of resources that support this policy can be found in the following link:

See also: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options


getAtt(attributeName, typeHint?)

public getAtt(attributeName: string, typeHint?: ResolutionTypeHint): Reference

Parameters

  • attributeName string — The name of the attribute.
  • typeHint ResolutionTypeHint

Returns

  • Reference

Returns a token for an runtime attribute of this resource.

Ideally, use generated attribute accessors (e.g. resource.arn), but this can be used for future compatibility in case there is no generated attribute.


getMetadata(key)

public getMetadata(key: string): any

Parameters

  • key string

Returns

  • any

Retrieve a value value from the CloudFormation Resource Metadata.

See also: [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html

Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.)


inspect(inspector)

public inspect(inspector: TreeInspector): void

Parameters

  • inspector TreeInspector — - tree inspector to collect and process attributes.

Examines the CloudFormation resource and discloses attributes.


obtainDependencies()

public obtainDependencies(): Stack &#124; CfnResource[]

Returns

  • Stack | CfnResource[]

Retrieves an array of resources this resource depends on.

This assembles dependencies on resources across stacks (including nested stacks) automatically.


obtainResourceDependencies()

public obtainResourceDependencies(): CfnResource[]

Returns

  • CfnResource[]

Get a shallow copy of dependencies between this resource and other resources in the same stack.


overrideLogicalId(newLogicalId)

public overrideLogicalId(newLogicalId: string): void

Parameters

  • newLogicalId string — The new logical ID to use for this stack element.

Overrides the auto-generated logical ID with a specific ID.


removeDependency(target)

public removeDependency(target: CfnResource): void

Parameters

  • target CfnResource

Indicates that this resource no longer depends on another resource.

This can be used for resources across stacks (including nested stacks) and the dependency will automatically be removed from the relevant scope.


replaceDependency(target, newTarget)

public replaceDependency(target: CfnResource, newTarget: CfnResource): void

Parameters

  • target CfnResource — The dependency to replace.
  • newTarget CfnResource — The new dependency to add.

Replaces one dependency with another.


toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.


protected renderProperties(props)

protected renderProperties(props: { [string]: any }): { [string]: any }

Parameters

  • props { [string]: any }

Returns

  • { [string]: any }