aws-cdk-lib.aws_ec2.BastionHostLinuxProps

interface BastionHostLinuxProps

LanguageType name
.NETAmazon.CDK.AWS.EC2.BastionHostLinuxProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsec2#BastionHostLinuxProps
Javasoftware.amazon.awscdk.services.ec2.BastionHostLinuxProps
Pythonaws_cdk.aws_ec2.BastionHostLinuxProps
TypeScript (source)aws-cdk-lib » aws_ec2 » BastionHostLinuxProps

Properties of the bastion host.

Example

const host = new ec2.BastionHostLinux(this, 'BastionHost', {
  vpc,
  blockDevices: [{
    deviceName: 'EBSBastionHost',
    volume: ec2.BlockDeviceVolume.ebs(10, {
      encrypted: true,
    }),
  }],
});

Properties

NameTypeDescription
vpcIVpcVPC to launch the instance in.
availabilityZone?stringIn which AZ to place the instance within the VPC.
blockDevices?BlockDevice[]Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.
init?CloudFormationInitApply the given CloudFormation Init configuration to the instance at startup.
initOptions?ApplyCloudFormationInitOptionsUse the given options for applying CloudFormation Init.
instanceName?stringThe name of the instance.
instanceType?InstanceTypeType of instance to launch.
machineImage?IMachineImageThe machine image to use, assumed to have SSM Agent preinstalled.
requireImdsv2?booleanWhether IMDSv2 should be required on this instance.
securityGroup?ISecurityGroupSecurity Group to assign to this instance.
subnetSelection?SubnetSelectionSelect the subnets to run the bastion host in.

vpc

Type: IVpc

VPC to launch the instance in.


availabilityZone?

Type: string (optional, default: Random zone.)

In which AZ to place the instance within the VPC.


blockDevices?

Type: BlockDevice[] (optional, default: Uses the block device mapping of the AMI)

Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.

Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched.

See also: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html


init?

Type: CloudFormationInit (optional, default: no CloudFormation init)

Apply the given CloudFormation Init configuration to the instance at startup.


initOptions?

Type: ApplyCloudFormationInitOptions (optional, default: default options)

Use the given options for applying CloudFormation Init.

Describes the configsets to use and the timeout to wait


instanceName?

Type: string (optional, default: 'BastionHost')

The name of the instance.


instanceType?

Type: InstanceType (optional, default: 't3.nano')

Type of instance to launch.


machineImage?

Type: IMachineImage (optional, default: An Amazon Linux 2 image which is kept up-to-date automatically (the instance may be replaced on every deployment) and already has SSM Agent installed.)

The machine image to use, assumed to have SSM Agent preinstalled.


requireImdsv2?

Type: boolean (optional, default: false)

Whether IMDSv2 should be required on this instance.


securityGroup?

Type: ISecurityGroup (optional, default: create new security group with no inbound and all outbound traffic allowed)

Security Group to assign to this instance.


subnetSelection?

Type: SubnetSelection (optional, default: private subnets of the supplied VPC)

Select the subnets to run the bastion host in.

Set this to PUBLIC if you need to connect to this instance via the internet and cannot use SSM. You have to allow port 22 manually by using the connections field