aws-cdk-lib.aws_ec2.InstanceProps

interface InstanceProps

LanguageType name
.NETAmazon.CDK.AWS.EC2.InstanceProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsec2#InstanceProps
Javasoftware.amazon.awscdk.services.ec2.InstanceProps
Pythonaws_cdk.aws_ec2.InstanceProps
TypeScript (source)aws-cdk-lib » aws_ec2 » InstanceProps

Properties of an EC2 Instance.

Example

declare const vpc: ec2.IVpc;
const lb = new elb.LoadBalancer(this, 'LB', {
  vpc,
  internetFacing: true,
});

// instance to add as the target for load balancer.
const instance = new ec2.Instance(this, 'targetInstance', {
  vpc: vpc,
  instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
  machineImage: new ec2.AmazonLinuxImage({ generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2 }),
});
lb.addTarget(new elb.InstanceTarget(instance));

Properties

NameTypeDescription
instanceTypeInstanceTypeType of instance to launch.
machineImageIMachineImageAMI to launch.
vpcIVpcVPC to launch the instance in.
allowAllOutbound?booleanWhether the instance could initiate connections to anywhere by default.
associatePublicIpAddress?booleanWhether to associate a public IP address to the primary network interface attached to this instance.
availabilityZone?stringIn which AZ to place the instance within the VPC.
blockDevices?BlockDevice[]Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.
detailedMonitoring?booleanWhether "Detailed Monitoring" is enabled for this instance Keep in mind that Detailed Monitoring results in extra charges.
init?CloudFormationInitApply the given CloudFormation Init configuration to the instance at startup.
initOptions?ApplyCloudFormationInitOptionsUse the given options for applying CloudFormation Init.
instanceName?stringThe name of the instance.
keyName?stringName of SSH keypair to grant access to instance.
privateIpAddress?stringDefines a private IP address to associate with an instance.
propagateTagsToVolumeOnCreation?booleanPropagate the EC2 instance tags to the EBS volumes.
requireImdsv2?booleanWhether IMDSv2 should be required on this instance.
resourceSignalTimeout?DurationThe length of time to wait for the resourceSignalCount.
role?IRoleAn IAM role to associate with the instance profile assigned to this Auto Scaling Group.
securityGroup?ISecurityGroupSecurity Group to assign to this instance.
sourceDestCheck?booleanSpecifies whether to enable an instance launched in a VPC to perform NAT.
ssmSessionPermissions?booleanAdd SSM session permissions to the instance role.
userData?UserDataSpecific UserData to use.
userDataCausesReplacement?booleanChanges to the UserData force replacement.
vpcSubnets?SubnetSelectionWhere to place the instance within the VPC.

instanceType

Type: InstanceType

Type of instance to launch.


machineImage

Type: IMachineImage

AMI to launch.


vpc

Type: IVpc

VPC to launch the instance in.


allowAllOutbound?

Type: boolean (optional, default: true)

Whether the instance could initiate connections to anywhere by default.

This property is only used when you do not provide a security group.


associatePublicIpAddress?

Type: boolean (optional, default: public IP address is automatically assigned based on default behavior)

Whether to associate a public IP address to the primary network interface attached to this instance.


availabilityZone?

Type: string (optional, default: Random zone.)

In which AZ to place the instance within the VPC.


blockDevices?

Type: BlockDevice[] (optional, default: Uses the block device mapping of the AMI)

Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.

Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched.

See also: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html


detailedMonitoring?

Type: boolean (optional, default: false)

Whether "Detailed Monitoring" is enabled for this instance Keep in mind that Detailed Monitoring results in extra charges.

See also: http://aws.amazon.com/cloudwatch/pricing/


init?

Type: CloudFormationInit (optional, default: no CloudFormation init)

Apply the given CloudFormation Init configuration to the instance at startup.


initOptions?

Type: ApplyCloudFormationInitOptions (optional, default: default options)

Use the given options for applying CloudFormation Init.

Describes the configsets to use and the timeout to wait


instanceName?

Type: string (optional, default: CDK generated name)

The name of the instance.


keyName?

Type: string (optional, default: No SSH access will be possible.)

Name of SSH keypair to grant access to instance.


privateIpAddress?

Type: string (optional, default: no association)

Defines a private IP address to associate with an instance.

Private IP should be available within the VPC that the instance is build within.


propagateTagsToVolumeOnCreation?

Type: boolean (optional, default: false)

Propagate the EC2 instance tags to the EBS volumes.


requireImdsv2?

Type: boolean (optional, default: false)

Whether IMDSv2 should be required on this instance.


resourceSignalTimeout?

Type: Duration (optional, default: Duration.minutes(5))

The length of time to wait for the resourceSignalCount.

The maximum value is 43200 (12 hours).


role?

Type: IRole (optional, default: A role will automatically be created, it can be accessed via the role property)

An IAM role to associate with the instance profile assigned to this Auto Scaling Group.

The role must be assumable by the service principal ec2.amazonaws.com: Example

const role = new iam.Role(this, 'MyRole', {
  assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com')
});

securityGroup?

Type: ISecurityGroup (optional, default: create new security group)

Security Group to assign to this instance.


sourceDestCheck?

Type: boolean (optional, default: true)

Specifies whether to enable an instance launched in a VPC to perform NAT.

This controls whether source/destination checking is enabled on the instance. A value of true means that checking is enabled, and false means that checking is disabled. The value must be false for the instance to perform NAT.


ssmSessionPermissions?

Type: boolean (optional, default: false)

Add SSM session permissions to the instance role.

Setting this to true adds the necessary permissions to connect to the instance using SSM Session Manager. You can do this from the AWS Console.

NOTE: Setting this flag to true may not be enough by itself. You must also use an AMI that comes with the SSM Agent, or install the SSM Agent yourself. See Working with SSM Agent in the SSM Developer Guide.


userData?

Type: UserData (optional, default: A UserData object appropriate for the MachineImage's Operating System is created.)

Specific UserData to use.

The UserData may still be mutated after creation.


userDataCausesReplacement?

Type: boolean (optional, default: true iff initOptions is specified, false otherwise.)

Changes to the UserData force replacement.

Depending the EC2 instance type, changing UserData either restarts the instance or replaces the instance.

  • Instance store-backed instances are replaced.
  • EBS-backed instances are restarted.

By default, restarting does not execute the new UserData so you will need a different mechanism to ensure the instance is restarted.

Setting this to true will make the instance's Logical ID depend on the UserData, which will cause CloudFormation to replace it if the UserData changes.


vpcSubnets?

Type: SubnetSelection (optional, default: Private subnets.)

Where to place the instance within the VPC.