Documentation
¶
Index ¶
- func FourTierNetworkHub_DEFAULT_CIDR_RANGE() *string
- func FourTierNetworkHub_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
- func FourTierNetworkHub_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
- func FourTierNetworkHub_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
- func FourTierNetworkHub_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
- func FourTierNetworkHub_IsConstruct(x interface{}) *bool
- func FourTierNetworkHub_IsOwnedResource(construct constructs.IConstruct) *bool
- func FourTierNetworkHub_IsResource(construct constructs.IConstruct) *bool
- func FourTierNetworkSpoke_DEFAULT_CIDR_RANGE() *string
- func FourTierNetworkSpoke_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
- func FourTierNetworkSpoke_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
- func FourTierNetworkSpoke_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
- func FourTierNetworkSpoke_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
- func FourTierNetworkSpoke_IsConstruct(x interface{}) *bool
- func FourTierNetworkSpoke_IsOwnedResource(construct constructs.IConstruct) *bool
- func FourTierNetworkSpoke_IsResource(construct constructs.IConstruct) *bool
- func FourTierNetwork_DEFAULT_CIDR_RANGE() *string
- func FourTierNetwork_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
- func FourTierNetwork_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
- func FourTierNetwork_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
- func FourTierNetwork_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
- func FourTierNetwork_IsConstruct(x interface{}) *bool
- func FourTierNetwork_IsOwnedResource(construct constructs.IConstruct) *bool
- func FourTierNetwork_IsResource(construct constructs.IConstruct) *bool
- func IpAddressManager_DEFAULT_CLIENT_VPN_ALLOCATION_MASK() *float64
- func IpAddressManager_DEFAULT_VPC_ALLOCATION_MASK() *float64
- func IpAddressManager_DEFAULT_VPC_POOL_CIDRS() *[]*string
- func IpAddressManager_DEFAULT_VPN_POOL_CIDRS() *[]*string
- func IpAddressManager_IsConstruct(x interface{}) *bool
- func IpAddressManager_IsOwnedResource(construct constructs.IConstruct) *bool
- func IpAddressManager_IsResource(construct constructs.IConstruct) *bool
- func NetworkController_DEFAULT_CLIENT_VPN_NETMASK() *float64
- func NetworkController_IsConstruct(x interface{}) *bool
- func NetworkController_IsOwnedResource(construct constructs.IConstruct) *bool
- func NetworkController_IsResource(construct constructs.IConstruct) *bool
- func NetworkIsolatedClientVpnEndpoint_DEFAULT_VPN_CIDR() *string
- func NetworkIsolatedClientVpnEndpoint_IsConstruct(x interface{}) *bool
- func NetworkIsolatedClientVpnEndpoint_IsOwnedResource(construct constructs.IConstruct) *bool
- func NetworkIsolatedClientVpnEndpoint_IsResource(construct constructs.IConstruct) *bool
- func NewFourTierNetworkHub_Override(f FourTierNetworkHub, scope constructs.IConstruct, id *string, ...)
- func NewFourTierNetworkSpoke_Override(f FourTierNetworkSpoke, scope constructs.IConstruct, id *string, ...)
- func NewFourTierNetwork_Override(f FourTierNetwork, scope constructs.IConstruct, id *string, ...)
- func NewIpAddressManager_Override(i IpAddressManager, scope constructs.IConstruct, id *string, ...)
- func NewNetworkController_Override(n NetworkController, scope constructs.IConstruct, id *string, ...)
- func NewNetworkIsolatedClientVpnEndpoint_Override(n NetworkIsolatedClientVpnEndpoint, scope constructs.IConstruct, id *string, ...)
- type AddAuthorizationRuleOptions
- type AddCidrBlockOptions
- type AddClientVpnEndpointOptions
- type AddHubOptions
- type AddIsolatedClientVpnEndpointOptions
- type AddMultiSubnetRouteOptions
- type AddNetworkOptions
- type AddPoolOptions
- type AddSpokeNetworkProps
- type AllocatePrivateNetworkOptions
- type FlowLogOptions
- type FourTierNetwork
- type FourTierNetworkHub
- type FourTierNetworkHubProps
- type FourTierNetworkProps
- type FourTierNetworkShareProperties
- type FourTierNetworkSpoke
- type FourTierNetworkSpokeProps
- type GetClientVpnConfigurationOptions
- type GetClientVpnConfigurationResult
- type GetVpcConfigurationOptions
- type IpAddressManager
- type IpAddressManagerProps
- type IpAddressManagerSharingProps
- type NetworkController
- type NetworkControllerProps
- type NetworkIsolatedClientVpnEndpoint
- type NetworkIsolatedClientVpnEndpointProps
- type TransitGatewayHubConfiguration
- type TransitGatewaySpokeConfiguration
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FourTierNetworkHub_DEFAULT_CIDR_RANGE ¶
func FourTierNetworkHub_DEFAULT_CIDR_RANGE() *string
func FourTierNetworkHub_DEFAULT_SUBNETS ¶
func FourTierNetworkHub_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
func FourTierNetworkHub_DEFAULT_SUBNETS_NO_NAT ¶
func FourTierNetworkHub_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
func FourTierNetworkHub_FromLookup ¶
func FourTierNetworkHub_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
Import an existing VPC by querying the AWS environment this stack is deployed to.
This function only needs to be used to use VPCs not defined in your CDK application. If you are looking to share a VPC between stacks, you can pass the `Vpc` object between stacks and use it as normal.
Calling this method will lead to a lookup when the CDK CLI is executed. You can therefore not use any values that will only be available at CloudFormation execution time (i.e., Tokens).
The VPC information will be cached in `cdk.context.json` and the same VPC will be used on future runs. To refresh the lookup, you will have to evict the value from the cache using the `cdk context` command. See https://docs.aws.amazon.com/cdk/latest/guide/context.html for more information.
func FourTierNetworkHub_FromVpcAttributes ¶
func FourTierNetworkHub_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
Import a VPC by supplying all attributes directly.
NOTE: using `fromVpcAttributes()` with deploy-time parameters (like a `Fn.importValue()` or `CfnParameter` to represent a list of subnet IDs) sometimes accidentally works. It happens to work for constructs that need a list of subnets (like `AutoScalingGroup` and `eks.Cluster`) but it does not work for constructs that need individual subnets (like `Instance`). See https://github.com/aws/aws-cdk/issues/4118 for more information.
Prefer to use `Vpc.fromLookup()` instead.
func FourTierNetworkHub_IsConstruct ¶
func FourTierNetworkHub_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func FourTierNetworkHub_IsOwnedResource ¶
func FourTierNetworkHub_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func FourTierNetworkHub_IsResource ¶
func FourTierNetworkHub_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func FourTierNetworkSpoke_DEFAULT_CIDR_RANGE ¶
func FourTierNetworkSpoke_DEFAULT_CIDR_RANGE() *string
func FourTierNetworkSpoke_DEFAULT_SUBNETS ¶
func FourTierNetworkSpoke_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
func FourTierNetworkSpoke_DEFAULT_SUBNETS_NO_NAT ¶
func FourTierNetworkSpoke_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
func FourTierNetworkSpoke_FromLookup ¶
func FourTierNetworkSpoke_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
Import an existing VPC by querying the AWS environment this stack is deployed to.
This function only needs to be used to use VPCs not defined in your CDK application. If you are looking to share a VPC between stacks, you can pass the `Vpc` object between stacks and use it as normal.
Calling this method will lead to a lookup when the CDK CLI is executed. You can therefore not use any values that will only be available at CloudFormation execution time (i.e., Tokens).
The VPC information will be cached in `cdk.context.json` and the same VPC will be used on future runs. To refresh the lookup, you will have to evict the value from the cache using the `cdk context` command. See https://docs.aws.amazon.com/cdk/latest/guide/context.html for more information.
func FourTierNetworkSpoke_FromVpcAttributes ¶
func FourTierNetworkSpoke_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
Import a VPC by supplying all attributes directly.
NOTE: using `fromVpcAttributes()` with deploy-time parameters (like a `Fn.importValue()` or `CfnParameter` to represent a list of subnet IDs) sometimes accidentally works. It happens to work for constructs that need a list of subnets (like `AutoScalingGroup` and `eks.Cluster`) but it does not work for constructs that need individual subnets (like `Instance`). See https://github.com/aws/aws-cdk/issues/4118 for more information.
Prefer to use `Vpc.fromLookup()` instead.
func FourTierNetworkSpoke_IsConstruct ¶
func FourTierNetworkSpoke_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func FourTierNetworkSpoke_IsOwnedResource ¶
func FourTierNetworkSpoke_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func FourTierNetworkSpoke_IsResource ¶
func FourTierNetworkSpoke_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func FourTierNetwork_DEFAULT_CIDR_RANGE ¶
func FourTierNetwork_DEFAULT_CIDR_RANGE() *string
func FourTierNetwork_DEFAULT_SUBNETS ¶
func FourTierNetwork_DEFAULT_SUBNETS() *[]*awsec2.SubnetConfiguration
func FourTierNetwork_DEFAULT_SUBNETS_NO_NAT ¶
func FourTierNetwork_DEFAULT_SUBNETS_NO_NAT() *[]*awsec2.SubnetConfiguration
func FourTierNetwork_FromLookup ¶
func FourTierNetwork_FromLookup(scope constructs.Construct, id *string, options *awsec2.VpcLookupOptions) awsec2.IVpc
Import an existing VPC by querying the AWS environment this stack is deployed to.
This function only needs to be used to use VPCs not defined in your CDK application. If you are looking to share a VPC between stacks, you can pass the `Vpc` object between stacks and use it as normal.
Calling this method will lead to a lookup when the CDK CLI is executed. You can therefore not use any values that will only be available at CloudFormation execution time (i.e., Tokens).
The VPC information will be cached in `cdk.context.json` and the same VPC will be used on future runs. To refresh the lookup, you will have to evict the value from the cache using the `cdk context` command. See https://docs.aws.amazon.com/cdk/latest/guide/context.html for more information.
func FourTierNetwork_FromVpcAttributes ¶
func FourTierNetwork_FromVpcAttributes(scope constructs.Construct, id *string, attrs *awsec2.VpcAttributes) awsec2.IVpc
Import a VPC by supplying all attributes directly.
NOTE: using `fromVpcAttributes()` with deploy-time parameters (like a `Fn.importValue()` or `CfnParameter` to represent a list of subnet IDs) sometimes accidentally works. It happens to work for constructs that need a list of subnets (like `AutoScalingGroup` and `eks.Cluster`) but it does not work for constructs that need individual subnets (like `Instance`). See https://github.com/aws/aws-cdk/issues/4118 for more information.
Prefer to use `Vpc.fromLookup()` instead.
func FourTierNetwork_IsConstruct ¶
func FourTierNetwork_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func FourTierNetwork_IsOwnedResource ¶
func FourTierNetwork_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func FourTierNetwork_IsResource ¶
func FourTierNetwork_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func IpAddressManager_DEFAULT_CLIENT_VPN_ALLOCATION_MASK ¶ added in v0.0.59
func IpAddressManager_DEFAULT_CLIENT_VPN_ALLOCATION_MASK() *float64
func IpAddressManager_DEFAULT_VPC_ALLOCATION_MASK ¶ added in v0.0.56
func IpAddressManager_DEFAULT_VPC_ALLOCATION_MASK() *float64
func IpAddressManager_DEFAULT_VPC_POOL_CIDRS ¶ added in v0.0.56
func IpAddressManager_DEFAULT_VPC_POOL_CIDRS() *[]*string
func IpAddressManager_DEFAULT_VPN_POOL_CIDRS ¶ added in v0.0.59
func IpAddressManager_DEFAULT_VPN_POOL_CIDRS() *[]*string
func IpAddressManager_IsConstruct ¶
func IpAddressManager_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func IpAddressManager_IsOwnedResource ¶
func IpAddressManager_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func IpAddressManager_IsResource ¶
func IpAddressManager_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NetworkController_DEFAULT_CLIENT_VPN_NETMASK ¶ added in v0.0.59
func NetworkController_DEFAULT_CLIENT_VPN_NETMASK() *float64
func NetworkController_IsConstruct ¶ added in v0.0.51
func NetworkController_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func NetworkController_IsOwnedResource ¶ added in v0.0.51
func NetworkController_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func NetworkController_IsResource ¶ added in v0.0.51
func NetworkController_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NetworkIsolatedClientVpnEndpoint_DEFAULT_VPN_CIDR ¶ added in v0.0.59
func NetworkIsolatedClientVpnEndpoint_DEFAULT_VPN_CIDR() *string
func NetworkIsolatedClientVpnEndpoint_IsConstruct ¶ added in v0.0.59
func NetworkIsolatedClientVpnEndpoint_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func NetworkIsolatedClientVpnEndpoint_IsOwnedResource ¶ added in v0.0.59
func NetworkIsolatedClientVpnEndpoint_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func NetworkIsolatedClientVpnEndpoint_IsResource ¶ added in v0.0.59
func NetworkIsolatedClientVpnEndpoint_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NewFourTierNetworkHub_Override ¶
func NewFourTierNetworkHub_Override(f FourTierNetworkHub, scope constructs.IConstruct, id *string, props *FourTierNetworkHubProps)
func NewFourTierNetworkSpoke_Override ¶
func NewFourTierNetworkSpoke_Override(f FourTierNetworkSpoke, scope constructs.IConstruct, id *string, props *FourTierNetworkSpokeProps)
func NewFourTierNetwork_Override ¶
func NewFourTierNetwork_Override(f FourTierNetwork, scope constructs.IConstruct, id *string, props *FourTierNetworkProps)
func NewIpAddressManager_Override ¶
func NewIpAddressManager_Override(i IpAddressManager, scope constructs.IConstruct, id *string, props *IpAddressManagerProps)
func NewNetworkController_Override ¶ added in v0.0.51
func NewNetworkController_Override(n NetworkController, scope constructs.IConstruct, id *string, props *NetworkControllerProps)
func NewNetworkIsolatedClientVpnEndpoint_Override ¶ added in v0.0.59
func NewNetworkIsolatedClientVpnEndpoint_Override(n NetworkIsolatedClientVpnEndpoint, scope constructs.IConstruct, id *string, props *NetworkIsolatedClientVpnEndpointProps)
Types ¶
type AddAuthorizationRuleOptions ¶ added in v0.0.63
type AddAuthorizationRuleOptions struct {
// The IPv4 address range, in CIDR notation, of the network for which access is being authorized.
Cidr *string `field:"required" json:"cidr" yaml:"cidr"`
// A brief description of the authorization rule.
// Default: - no description.
//
Description *string `field:"optional" json:"description" yaml:"description"`
// The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group.
// Default: - authorize all groups.
//
GroupId *string `field:"optional" json:"groupId" yaml:"groupId"`
Scope constructs.IConstruct `field:"optional" json:"scope" yaml:"scope"`
}
type AddCidrBlockOptions ¶ added in v0.0.59
type AddCidrBlockOptions struct {
CidrAssignment ec2.ICidrAssignment `field:"required" json:"cidrAssignment" yaml:"cidrAssignment"`
}
type AddClientVpnEndpointOptions ¶ added in v0.0.59
type AddClientVpnEndpointOptions struct {
ServerCertificate awscertificatemanager.ICertificate `field:"required" json:"serverCertificate" yaml:"serverCertificate"`
AuthorizeAllUsersToVpcCidr *bool `field:"optional" json:"authorizeAllUsersToVpcCidr" yaml:"authorizeAllUsersToVpcCidr"`
ClientCertificate awscertificatemanager.ICertificate `field:"optional" json:"clientCertificate" yaml:"clientCertificate"`
ClientConnectionHandler awsec2.IClientVpnConnectionHandler `field:"optional" json:"clientConnectionHandler" yaml:"clientConnectionHandler"`
ClientLoginBanner *string `field:"optional" json:"clientLoginBanner" yaml:"clientLoginBanner"`
Description *string `field:"optional" json:"description" yaml:"description"`
DnsServers *[]*string `field:"optional" json:"dnsServers" yaml:"dnsServers"`
Logging *bool `field:"optional" json:"logging" yaml:"logging"`
LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
LogStream awslogs.ILogStream `field:"optional" json:"logStream" yaml:"logStream"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
Port awsec2.VpnPort `field:"optional" json:"port" yaml:"port"`
SelfServicePortal *bool `field:"optional" json:"selfServicePortal" yaml:"selfServicePortal"`
SplitTunnel *bool `field:"optional" json:"splitTunnel" yaml:"splitTunnel"`
SubnetCidr ec2.IIpv4CidrAssignment `field:"optional" json:"subnetCidr" yaml:"subnetCidr"`
TransportProtocol awsec2.TransportProtocol `field:"optional" json:"transportProtocol" yaml:"transportProtocol"`
UserBasedAuthentication awsec2.ClientVpnUserBasedAuthentication `field:"optional" json:"userBasedAuthentication" yaml:"userBasedAuthentication"`
VpnCidr ec2.IIpv4CidrAssignment `field:"optional" json:"vpnCidr" yaml:"vpnCidr"`
}
type AddHubOptions ¶ added in v0.0.58
type AddHubOptions struct {
AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
Netmask *float64 `field:"optional" json:"netmask" yaml:"netmask"`
DefaultTransitGatewayRouteTable ec2.ITransitGatewayRouteTable `field:"optional" json:"defaultTransitGatewayRouteTable" yaml:"defaultTransitGatewayRouteTable"`
}
type AddIsolatedClientVpnEndpointOptions ¶ added in v0.0.59
type AddIsolatedClientVpnEndpointOptions struct {
ServerCertificate awscertificatemanager.ICertificate `field:"required" json:"serverCertificate" yaml:"serverCertificate"`
AuthorizeAllUsersToVpcCidr *bool `field:"optional" json:"authorizeAllUsersToVpcCidr" yaml:"authorizeAllUsersToVpcCidr"`
ClientCertificate awscertificatemanager.ICertificate `field:"optional" json:"clientCertificate" yaml:"clientCertificate"`
ClientConnectionHandler awsec2.IClientVpnConnectionHandler `field:"optional" json:"clientConnectionHandler" yaml:"clientConnectionHandler"`
ClientLoginBanner *string `field:"optional" json:"clientLoginBanner" yaml:"clientLoginBanner"`
Description *string `field:"optional" json:"description" yaml:"description"`
DnsServers *[]*string `field:"optional" json:"dnsServers" yaml:"dnsServers"`
Logging *bool `field:"optional" json:"logging" yaml:"logging"`
LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
LogStream awslogs.ILogStream `field:"optional" json:"logStream" yaml:"logStream"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
Port awsec2.VpnPort `field:"optional" json:"port" yaml:"port"`
SelfServicePortal *bool `field:"optional" json:"selfServicePortal" yaml:"selfServicePortal"`
SplitTunnel *bool `field:"optional" json:"splitTunnel" yaml:"splitTunnel"`
SubnetCidr ec2.IIpv4CidrAssignment `field:"optional" json:"subnetCidr" yaml:"subnetCidr"`
TransportProtocol awsec2.TransportProtocol `field:"optional" json:"transportProtocol" yaml:"transportProtocol"`
UserBasedAuthentication awsec2.ClientVpnUserBasedAuthentication `field:"optional" json:"userBasedAuthentication" yaml:"userBasedAuthentication"`
VpnCidr ec2.IIpv4CidrAssignment `field:"optional" json:"vpnCidr" yaml:"vpnCidr"`
}
type AddMultiSubnetRouteOptions ¶ added in v0.0.61
type AddNetworkOptions ¶ added in v0.0.51
type AddPoolOptions ¶
type AddSpokeNetworkProps ¶
type AddSpokeNetworkProps struct {
AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
Cidr ec2.IIpv4CidrAssignment `field:"optional" json:"cidr" yaml:"cidr"`
DefaultInstanceTenancy awsec2.DefaultInstanceTenancy `field:"optional" json:"defaultInstanceTenancy" yaml:"defaultInstanceTenancy"`
EnableDnsHostnames *bool `field:"optional" json:"enableDnsHostnames" yaml:"enableDnsHostnames"`
EnableDnsSupport *bool `field:"optional" json:"enableDnsSupport" yaml:"enableDnsSupport"`
FlowLogs *map[string]*FlowLogOptions `field:"optional" json:"flowLogs" yaml:"flowLogs"`
GatewayEndpoints *map[string]*awsec2.GatewayVpcEndpointOptions `field:"optional" json:"gatewayEndpoints" yaml:"gatewayEndpoints"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
VpcName *string `field:"optional" json:"vpcName" yaml:"vpcName"`
VpnConnections *map[string]*awsec2.VpnConnectionOptions `field:"optional" json:"vpnConnections" yaml:"vpnConnections"`
VpnGateway *bool `field:"optional" json:"vpnGateway" yaml:"vpnGateway"`
VpnGatewayAsn *float64 `field:"optional" json:"vpnGatewayAsn" yaml:"vpnGatewayAsn"`
VpnRoutePropagation *[]*awsec2.SubnetSelection `field:"optional" json:"vpnRoutePropagation" yaml:"vpnRoutePropagation"`
}
type FlowLogOptions ¶
type FlowLogOptions struct {
// Specifies the type of destination to which the flow log data is to be published.
//
// Flow log data can be published to CloudWatch Logs or Amazon S3.
// Default: FlowLogDestinationType.toCloudWatchLogs()
//
Destination awsec2.FlowLogDestination `field:"optional" json:"destination" yaml:"destination"`
// The fields to include in the flow log record, in the order in which they should appear.
//
// If multiple fields are specified, they will be separated by spaces. For full control over the literal log format
// string, pass a single field constructed with `LogFormat.custom()`.
//
// See https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records
// Default: - default log format is used.
//
LogFormat *[]awsec2.LogFormat `field:"optional" json:"logFormat" yaml:"logFormat"`
// The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
// Default: FlowLogMaxAggregationInterval.TEN_MINUTES
//
MaxAggregationInterval awsec2.FlowLogMaxAggregationInterval `field:"optional" json:"maxAggregationInterval" yaml:"maxAggregationInterval"`
// The type of traffic to log.
//
// You can log traffic that the resource accepts or rejects, or all traffic.
// Default: ALL.
//
TrafficType awsec2.FlowLogTrafficType `field:"optional" json:"trafficType" yaml:"trafficType"`
LogFormatDefinition ec2.FlowLogFormat `field:"optional" json:"logFormatDefinition" yaml:"logFormatDefinition"`
}
type FourTierNetwork ¶
type FourTierNetwork interface {
awsec2.Vpc
AddressManager() IpAddressManager
// AZs for this VPC.
AvailabilityZones() *[]*string
DefaultInstanceTenancy() awsec2.DefaultInstanceTenancy
// Indicates if instances launched in this VPC will have public DNS hostnames.
DnsHostnamesEnabled() *bool
// Indicates if DNS support is enabled for this VPC.
DnsSupportEnabled() *bool
EnableDnsHostnames() *bool
EnableDnsSupport() *bool
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// If this is set to true, don't error out on trying to select subnets.
IncompleteSubnetDefinition() *bool
SetIncompleteSubnetDefinition(val *bool)
// Dependencies for internet connectivity.
InternetConnectivityEstablished() constructs.IDependable
// Internet Gateway for the VPC.
//
// Note that in case the VPC is configured only
// with ISOLATED subnets, this attribute will be `undefined`.
InternetGatewayId() *string
IpamPool() ec2.IIpamPool
// List of isolated subnets in this VPC.
IsolatedSubnets() *[]awsec2.ISubnet
MaxAzs() *float64
Netmask() *float64
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
// List of private subnets in this VPC.
PrivateSubnets() *[]awsec2.ISubnet
// List of public subnets in this VPC.
PublicSubnets() *[]awsec2.ISubnet
// The stack in which this resource is defined.
Stack() awscdk.Stack
// Arn of this VPC.
VpcArn() *string
// CIDR range for this VPC.
VpcCidrBlock() *string
VpcCidrBlockAssociations() *[]*string
VpcDefaultNetworkAcl() *string
VpcDefaultSecurityGroup() *string
// Identifier for this VPC.
VpcId() *string
VpcIpv6CidrBlocks() *[]*string
VpcName() *string
// Returns the id of the VPN Gateway (if enabled).
VpnGatewayId() *string
AddCidrBlock(id *string, options *AddCidrBlockOptions) ec2.IVpcCidrBlock
// Adds a new client VPN endpoint to this VPC.
AddClientVpnEndpoint(id *string, options *awsec2.ClientVpnEndpointOptions) awsec2.ClientVpnEndpoint
// Adds a new flow log to this VPC.
AddFlowLog(id *string, options *awsec2.FlowLogOptions) awsec2.FlowLog
// Adds a new gateway endpoint to this VPC.
AddGatewayEndpoint(id *string, options *awsec2.GatewayVpcEndpointOptions) awsec2.GatewayVpcEndpoint
// Adds a new interface endpoint to this VPC.
AddInterfaceEndpoint(id *string, options *awsec2.InterfaceVpcEndpointOptions) awsec2.InterfaceVpcEndpoint
AddIsolatedClientVpnEndpoint(id *string, options *AddIsolatedClientVpnEndpointOptions) NetworkIsolatedClientVpnEndpoint
AddVpcFlowLog(id *string, options *FlowLogOptions) awsec2.FlowLog
// Adds a new VPN connection to this VPC.
AddVpnConnection(id *string, options *awsec2.VpnConnectionOptions) awsec2.VpnConnection
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
// Adds a VPN Gateway to this VPC.
EnableVpnGateway(options *awsec2.EnableVpnGatewayOptions)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
// Return the subnets appropriate for the placement strategy.
SelectSubnetObjects(selection *awsec2.SubnetSelection) *[]awsec2.ISubnet
// Returns IDs of selected subnets.
SelectSubnets(selection *awsec2.SubnetSelection) *awsec2.SelectedSubnets
// Returns a string representation of this construct.
ToString() *string
}
func NewFourTierNetwork ¶
func NewFourTierNetwork(scope constructs.IConstruct, id *string, props *FourTierNetworkProps) FourTierNetwork
type FourTierNetworkHub ¶
type FourTierNetworkHub interface {
FourTierNetwork
AddressManager() IpAddressManager
// AZs for this VPC.
AvailabilityZones() *[]*string
DefaultInstanceTenancy() awsec2.DefaultInstanceTenancy
DefaultTransitGatewayRouteTable() ec2.ITransitGatewayRouteTable
// Indicates if instances launched in this VPC will have public DNS hostnames.
DnsHostnamesEnabled() *bool
// Indicates if DNS support is enabled for this VPC.
DnsSupportEnabled() *bool
EnableDnsHostnames() *bool
EnableDnsSupport() *bool
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
GlobalNetwork() networkmanager.GlobalNetwork
// If this is set to true, don't error out on trying to select subnets.
IncompleteSubnetDefinition() *bool
SetIncompleteSubnetDefinition(val *bool)
// Dependencies for internet connectivity.
InternetConnectivityEstablished() constructs.IDependable
// Internet Gateway for the VPC.
//
// Note that in case the VPC is configured only
// with ISOLATED subnets, this attribute will be `undefined`.
InternetGatewayId() *string
IpamPool() ec2.IIpamPool
// List of isolated subnets in this VPC.
IsolatedSubnets() *[]awsec2.ISubnet
MaxAzs() *float64
Netmask() *float64
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
// List of private subnets in this VPC.
PrivateSubnets() *[]awsec2.ISubnet
// List of public subnets in this VPC.
PublicSubnets() *[]awsec2.ISubnet
Sharing() *FourTierNetworkShareProperties
// The stack in which this resource is defined.
Stack() awscdk.Stack
TransitGateway() ec2.ITransitGateway
// Arn of this VPC.
VpcArn() *string
// CIDR range for this VPC.
VpcCidrBlock() *string
VpcCidrBlockAssociations() *[]*string
VpcDefaultNetworkAcl() *string
VpcDefaultSecurityGroup() *string
// Identifier for this VPC.
VpcId() *string
VpcIpv6CidrBlocks() *[]*string
VpcName() *string
// Returns the id of the VPN Gateway (if enabled).
VpnGatewayId() *string
AddCidrBlock(id *string, options *AddCidrBlockOptions) ec2.IVpcCidrBlock
// Adds a new client VPN endpoint to this VPC.
AddClientVpnEndpoint(id *string, options *awsec2.ClientVpnEndpointOptions) awsec2.ClientVpnEndpoint
// Adds a new flow log to this VPC.
AddFlowLog(id *string, options *awsec2.FlowLogOptions) awsec2.FlowLog
// Adds a new gateway endpoint to this VPC.
AddGatewayEndpoint(id *string, options *awsec2.GatewayVpcEndpointOptions) awsec2.GatewayVpcEndpoint
// Adds a new interface endpoint to this VPC.
AddInterfaceEndpoint(id *string, options *awsec2.InterfaceVpcEndpointOptions) awsec2.InterfaceVpcEndpoint
AddIsolatedClientVpnEndpoint(id *string, options *AddIsolatedClientVpnEndpointOptions) NetworkIsolatedClientVpnEndpoint
AddSpoke(scope constructs.IConstruct, id *string, props *AddSpokeNetworkProps) FourTierNetworkSpoke
AddVpcFlowLog(id *string, options *FlowLogOptions) awsec2.FlowLog
// Adds a new VPN connection to this VPC.
AddVpnConnection(id *string, options *awsec2.VpnConnectionOptions) awsec2.VpnConnection
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
EnableTransitGateway(props *ec2.TransitGatewayProps) ec2.ITransitGateway
// Adds a VPN Gateway to this VPC.
EnableVpnGateway(options *awsec2.EnableVpnGatewayOptions)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
// Return the subnets appropriate for the placement strategy.
SelectSubnetObjects(selection *awsec2.SubnetSelection) *[]awsec2.ISubnet
// Returns IDs of selected subnets.
SelectSubnets(selection *awsec2.SubnetSelection) *awsec2.SelectedSubnets
// Returns a string representation of this construct.
ToString() *string
}
func NewFourTierNetworkHub ¶
func NewFourTierNetworkHub(scope constructs.IConstruct, id *string, props *FourTierNetworkHubProps) FourTierNetworkHub
type FourTierNetworkHubProps ¶
type FourTierNetworkHubProps struct {
// The AWS account ID this resource belongs to.
// Default: - the resource is in the same account as the stack it belongs to.
//
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
// Default: - take environment from `account`, `region` parameters, or use Stack environment.
//
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
// Default: - The physical name will be allocated by CloudFormation at deployment time.
//
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
// Default: - the resource is in the same region as the stack it belongs to.
//
Region *string `field:"optional" json:"region" yaml:"region"`
AddressManager IpAddressManager `field:"optional" json:"addressManager" yaml:"addressManager"`
AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
Cidr ec2.IIpv4CidrAssignment `field:"optional" json:"cidr" yaml:"cidr"`
ClientVpnPool ec2.IIpamPool `field:"optional" json:"clientVpnPool" yaml:"clientVpnPool"`
DefaultInstanceTenancy awsec2.DefaultInstanceTenancy `field:"optional" json:"defaultInstanceTenancy" yaml:"defaultInstanceTenancy"`
DefaultTransitGatewayRouteTable ec2.ITransitGatewayRouteTable `field:"optional" json:"defaultTransitGatewayRouteTable" yaml:"defaultTransitGatewayRouteTable"`
EnableDnsHostnames *bool `field:"optional" json:"enableDnsHostnames" yaml:"enableDnsHostnames"`
EnableDnsSupport *bool `field:"optional" json:"enableDnsSupport" yaml:"enableDnsSupport"`
FlowLogs *map[string]*FlowLogOptions `field:"optional" json:"flowLogs" yaml:"flowLogs"`
GatewayEndpoints *map[string]*awsec2.GatewayVpcEndpointOptions `field:"optional" json:"gatewayEndpoints" yaml:"gatewayEndpoints"`
GlobalNetwork networkmanager.GlobalNetwork `field:"optional" json:"globalNetwork" yaml:"globalNetwork"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
Sharing *FourTierNetworkShareProperties `field:"optional" json:"sharing" yaml:"sharing"`
VpcName *string `field:"optional" json:"vpcName" yaml:"vpcName"`
VpnConnections *map[string]*awsec2.VpnConnectionOptions `field:"optional" json:"vpnConnections" yaml:"vpnConnections"`
VpnGateway *bool `field:"optional" json:"vpnGateway" yaml:"vpnGateway"`
VpnGatewayAsn *float64 `field:"optional" json:"vpnGatewayAsn" yaml:"vpnGatewayAsn"`
VpnRoutePropagation *[]*awsec2.SubnetSelection `field:"optional" json:"vpnRoutePropagation" yaml:"vpnRoutePropagation"`
}
type FourTierNetworkProps ¶
type FourTierNetworkProps struct {
AddressManager IpAddressManager `field:"optional" json:"addressManager" yaml:"addressManager"`
AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
Cidr ec2.IIpv4CidrAssignment `field:"optional" json:"cidr" yaml:"cidr"`
DefaultInstanceTenancy awsec2.DefaultInstanceTenancy `field:"optional" json:"defaultInstanceTenancy" yaml:"defaultInstanceTenancy"`
EnableDnsHostnames *bool `field:"optional" json:"enableDnsHostnames" yaml:"enableDnsHostnames"`
EnableDnsSupport *bool `field:"optional" json:"enableDnsSupport" yaml:"enableDnsSupport"`
FlowLogs *map[string]*FlowLogOptions `field:"optional" json:"flowLogs" yaml:"flowLogs"`
GatewayEndpoints *map[string]*awsec2.GatewayVpcEndpointOptions `field:"optional" json:"gatewayEndpoints" yaml:"gatewayEndpoints"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
NatGatewayProvider awsec2.NatProvider `field:"optional" json:"natGatewayProvider" yaml:"natGatewayProvider"`
NatGateways *float64 `field:"optional" json:"natGateways" yaml:"natGateways"`
NatGatewaySubnets *awsec2.SubnetSelection `field:"optional" json:"natGatewaySubnets" yaml:"natGatewaySubnets"`
VpcName *string `field:"optional" json:"vpcName" yaml:"vpcName"`
VpnConnections *map[string]*awsec2.VpnConnectionOptions `field:"optional" json:"vpnConnections" yaml:"vpnConnections"`
VpnGateway *bool `field:"optional" json:"vpnGateway" yaml:"vpnGateway"`
VpnGatewayAsn *float64 `field:"optional" json:"vpnGatewayAsn" yaml:"vpnGatewayAsn"`
VpnRoutePropagation *[]*awsec2.SubnetSelection `field:"optional" json:"vpnRoutePropagation" yaml:"vpnRoutePropagation"`
}
type FourTierNetworkShareProperties ¶
type FourTierNetworkShareProperties struct {
}
type FourTierNetworkSpoke ¶
type FourTierNetworkSpoke interface {
FourTierNetwork
AddressManager() IpAddressManager
// AZs for this VPC.
AvailabilityZones() *[]*string
DefaultInstanceTenancy() awsec2.DefaultInstanceTenancy
// Indicates if instances launched in this VPC will have public DNS hostnames.
DnsHostnamesEnabled() *bool
// Indicates if DNS support is enabled for this VPC.
DnsSupportEnabled() *bool
EnableDnsHostnames() *bool
EnableDnsSupport() *bool
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// If this is set to true, don't error out on trying to select subnets.
IncompleteSubnetDefinition() *bool
SetIncompleteSubnetDefinition(val *bool)
// Dependencies for internet connectivity.
InternetConnectivityEstablished() constructs.IDependable
// Internet Gateway for the VPC.
//
// Note that in case the VPC is configured only
// with ISOLATED subnets, this attribute will be `undefined`.
InternetGatewayId() *string
IpamPool() ec2.IIpamPool
// List of isolated subnets in this VPC.
IsolatedSubnets() *[]awsec2.ISubnet
MaxAzs() *float64
Netmask() *float64
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
// List of private subnets in this VPC.
PrivateSubnets() *[]awsec2.ISubnet
// List of public subnets in this VPC.
PublicSubnets() *[]awsec2.ISubnet
// The stack in which this resource is defined.
Stack() awscdk.Stack
TransitGateway() ec2.ITransitGateway
TransitGatewayAttachment() ec2.ITransitGatewayAttachment
// Arn of this VPC.
VpcArn() *string
// CIDR range for this VPC.
VpcCidrBlock() *string
VpcCidrBlockAssociations() *[]*string
VpcDefaultNetworkAcl() *string
VpcDefaultSecurityGroup() *string
// Identifier for this VPC.
VpcId() *string
VpcIpv6CidrBlocks() *[]*string
VpcName() *string
// Returns the id of the VPN Gateway (if enabled).
VpnGatewayId() *string
AddCidrBlock(id *string, options *AddCidrBlockOptions) ec2.IVpcCidrBlock
// Adds a new client VPN endpoint to this VPC.
AddClientVpnEndpoint(id *string, options *awsec2.ClientVpnEndpointOptions) awsec2.ClientVpnEndpoint
// Adds a new flow log to this VPC.
AddFlowLog(id *string, options *awsec2.FlowLogOptions) awsec2.FlowLog
// Adds a new gateway endpoint to this VPC.
AddGatewayEndpoint(id *string, options *awsec2.GatewayVpcEndpointOptions) awsec2.GatewayVpcEndpoint
// Adds a new interface endpoint to this VPC.
AddInterfaceEndpoint(id *string, options *awsec2.InterfaceVpcEndpointOptions) awsec2.InterfaceVpcEndpoint
AddIsolatedClientVpnEndpoint(id *string, options *AddIsolatedClientVpnEndpointOptions) NetworkIsolatedClientVpnEndpoint
AddVpcFlowLog(id *string, options *FlowLogOptions) awsec2.FlowLog
// Adds a new VPN connection to this VPC.
AddVpnConnection(id *string, options *awsec2.VpnConnectionOptions) awsec2.VpnConnection
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
// Adds a VPN Gateway to this VPC.
EnableVpnGateway(options *awsec2.EnableVpnGatewayOptions)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
// Return the subnets appropriate for the placement strategy.
SelectSubnetObjects(selection *awsec2.SubnetSelection) *[]awsec2.ISubnet
// Returns IDs of selected subnets.
SelectSubnets(selection *awsec2.SubnetSelection) *awsec2.SelectedSubnets
// Returns a string representation of this construct.
ToString() *string
}
func NewFourTierNetworkSpoke ¶
func NewFourTierNetworkSpoke(scope constructs.IConstruct, id *string, props *FourTierNetworkSpokeProps) FourTierNetworkSpoke
type FourTierNetworkSpokeProps ¶
type FourTierNetworkSpokeProps struct {
// The AWS account ID this resource belongs to.
// Default: - the resource is in the same account as the stack it belongs to.
//
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
// Default: - take environment from `account`, `region` parameters, or use Stack environment.
//
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
// Default: - The physical name will be allocated by CloudFormation at deployment time.
//
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
// Default: - the resource is in the same region as the stack it belongs to.
//
Region *string `field:"optional" json:"region" yaml:"region"`
Hub FourTierNetworkHub `field:"required" json:"hub" yaml:"hub"`
AddressManager IpAddressManager `field:"optional" json:"addressManager" yaml:"addressManager"`
AvailabilityZones *[]*string `field:"optional" json:"availabilityZones" yaml:"availabilityZones"`
Cidr ec2.IIpv4CidrAssignment `field:"optional" json:"cidr" yaml:"cidr"`
ClientVpnPool ec2.IIpamPool `field:"optional" json:"clientVpnPool" yaml:"clientVpnPool"`
DefaultInstanceTenancy awsec2.DefaultInstanceTenancy `field:"optional" json:"defaultInstanceTenancy" yaml:"defaultInstanceTenancy"`
EnableDnsHostnames *bool `field:"optional" json:"enableDnsHostnames" yaml:"enableDnsHostnames"`
EnableDnsSupport *bool `field:"optional" json:"enableDnsSupport" yaml:"enableDnsSupport"`
FlowLogs *map[string]*awsec2.FlowLogOptions `field:"optional" json:"flowLogs" yaml:"flowLogs"`
GatewayEndpoints *map[string]*awsec2.GatewayVpcEndpointOptions `field:"optional" json:"gatewayEndpoints" yaml:"gatewayEndpoints"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
VpcName *string `field:"optional" json:"vpcName" yaml:"vpcName"`
VpnConnections *map[string]*awsec2.VpnConnectionOptions `field:"optional" json:"vpnConnections" yaml:"vpnConnections"`
VpnGateway *bool `field:"optional" json:"vpnGateway" yaml:"vpnGateway"`
VpnGatewayAsn *float64 `field:"optional" json:"vpnGatewayAsn" yaml:"vpnGatewayAsn"`
VpnRoutePropagation *[]*awsec2.SubnetSelection `field:"optional" json:"vpnRoutePropagation" yaml:"vpnRoutePropagation"`
}
type GetClientVpnConfigurationOptions ¶ added in v0.0.59
type GetClientVpnConfigurationOptions struct {
Netmask *float64 `field:"optional" json:"netmask" yaml:"netmask"`
}
type GetClientVpnConfigurationResult ¶ added in v0.0.59
type GetClientVpnConfigurationResult struct {
Cidr *string `field:"required" json:"cidr" yaml:"cidr"`
}
type GetVpcConfigurationOptions ¶ added in v0.0.56
type GetVpcConfigurationOptions struct {
Netmask *float64 `field:"optional" json:"netmask" yaml:"netmask"`
}
type IpAddressManager ¶
type IpAddressManager interface {
awscdk.Resource
AllowExternalPricipals() *bool
ClientVpnAllocationMask() *float64
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
Ipam() ec2.Ipam
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
SharingEnabled() *bool
// The stack in which this resource is defined.
Stack() awscdk.Stack
VpcAllocationMask() *float64
AddRegion(region *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
GetClientVpnConfiguration(scope constructs.IConstruct, id *string, options *GetClientVpnConfigurationOptions) ec2.IIpv4CidrAssignment
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
GetVpcConfiguration(scope constructs.IConstruct, id *string, options *GetVpcConfigurationOptions) ec2.IIpv4CidrAssignment
PrivateVpcPoolForEnvironment(account *string, region *string) ec2.IIpamPool
PrivateVpcPoolForRegion(region *string) ec2.IIpamPool
PrivateVpnPoolForEnvironment(account *string, region *string) ec2.IIpamPool
PrivateVpnPoolForRegion(region *string) ec2.IIpamPool
RegisterAccount(account *string, pool ec2.IIpamPool)
RegisterCidr(scope constructs.IConstruct, id *string, cidr *string)
// Returns a string representation of this construct.
ToString() *string
}
func NewIpAddressManager ¶
func NewIpAddressManager(scope constructs.IConstruct, id *string, props *IpAddressManagerProps) IpAddressManager
type IpAddressManagerProps ¶
type IpAddressManagerProps struct {
// The AWS account ID this resource belongs to.
// Default: - the resource is in the same account as the stack it belongs to.
//
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
// Default: - take environment from `account`, `region` parameters, or use Stack environment.
//
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
// Default: - The physical name will be allocated by CloudFormation at deployment time.
//
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
// Default: - the resource is in the same region as the stack it belongs to.
//
Region *string `field:"optional" json:"region" yaml:"region"`
ClientVpnAllocationMask *float64 `field:"optional" json:"clientVpnAllocationMask" yaml:"clientVpnAllocationMask"`
Regions *[]*string `field:"optional" json:"regions" yaml:"regions"`
Sharing *IpAddressManagerSharingProps `field:"optional" json:"sharing" yaml:"sharing"`
VpcAllocationMask *float64 `field:"optional" json:"vpcAllocationMask" yaml:"vpcAllocationMask"`
VpcPoolCidrs *[]*string `field:"optional" json:"vpcPoolCidrs" yaml:"vpcPoolCidrs"`
VpcRegionMask *float64 `field:"optional" json:"vpcRegionMask" yaml:"vpcRegionMask"`
VpnPoolCidrs *[]*string `field:"optional" json:"vpnPoolCidrs" yaml:"vpnPoolCidrs"`
}
type NetworkController ¶ added in v0.0.51
type NetworkController interface {
awscdk.Resource
AddressManager() IpAddressManager
DefaultClientVpnNetmask() *float64
DefaultNetmask() *float64
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
FlowLogBucket() awss3.IBucket
FlowLogFormat() ec2.FlowLogFormat
GlobalNetwork() networkmanager.GlobalNetwork
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
RegisteredAccounts() *[]*string
RegisteredRegions() *[]*string
// The stack in which this resource is defined.
Stack() awscdk.Stack
AddClientVpnEndpoint(scope constructs.IConstruct, id *string, options *AddClientVpnEndpointOptions)
AddHub(scope constructs.IConstruct, id *string, options *AddHubOptions) FourTierNetworkHub
AddSpoke(scope constructs.IConstruct, id *string, options *AddNetworkOptions) FourTierNetworkSpoke
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RegisterAccount(account *string)
RegisterCidr(scope constructs.IConstruct, id *string, cidr *string)
RegisterRegion(region *string)
// Returns a string representation of this construct.
ToString() *string
}
func NewNetworkController ¶ added in v0.0.51
func NewNetworkController(scope constructs.IConstruct, id *string, props *NetworkControllerProps) NetworkController
type NetworkControllerProps ¶ added in v0.0.51
type NetworkControllerProps struct {
// The AWS account ID this resource belongs to.
// Default: - the resource is in the same account as the stack it belongs to.
//
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
// Default: - take environment from `account`, `region` parameters, or use Stack environment.
//
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
// Default: - The physical name will be allocated by CloudFormation at deployment time.
//
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
// Default: - the resource is in the same region as the stack it belongs to.
//
Region *string `field:"optional" json:"region" yaml:"region"`
DefaultClientVpnNetmask *float64 `field:"optional" json:"defaultClientVpnNetmask" yaml:"defaultClientVpnNetmask"`
DefaultVpcNetmask *float64 `field:"optional" json:"defaultVpcNetmask" yaml:"defaultVpcNetmask"`
FlowLogBucket awss3.IBucket `field:"optional" json:"flowLogBucket" yaml:"flowLogBucket"`
FlowLogFormat ec2.FlowLogFormat `field:"optional" json:"flowLogFormat" yaml:"flowLogFormat"`
}
type NetworkIsolatedClientVpnEndpoint ¶ added in v0.0.59
type NetworkIsolatedClientVpnEndpoint interface {
awscdk.Resource
awsec2.IClientVpnEndpoint
awsec2.IConnectable
AuthorizeAllUsersToVpcCidr() *bool
ClientCertificate() awscertificatemanager.ICertificate
ClientConnectionHandler() awsec2.IClientVpnConnectionHandler
ClientLoginBanner() *string
ClientVpnEndpoint() awsec2.ClientVpnEndpoint
// The network connections associated with this resource.
Connections() awsec2.Connections
Description() *string
DnsServers() *[]*string
// The endpoint ID.
EndpointId() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
Logging() *bool
LogGroup() awslogs.ILogGroup
LogStream() awslogs.ILogStream
MaxAzs() *float64
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Port() awsec2.VpnPort
SecurityGroups() *[]awsec2.ISecurityGroup
SelfServicePortal() *bool
ServerCertificate() awscertificatemanager.ICertificate
SplitTunnel() *bool
// The stack in which this resource is defined.
Stack() awscdk.Stack
Subnets() *[]awsec2.ISubnet
// Dependable that can be depended upon to force target networks associations.
TargetNetworksAssociated() constructs.IDependable
TransitGateway() ec2.ITransitGateway
TransportProtocol() awsec2.TransportProtocol
UserBasedAuthentication() awsec2.ClientVpnUserBasedAuthentication
Vpc() awsec2.IVpc
VpcCidrBlock() ec2.VpcCidrBlock
VpnCidr() ec2.IIpv4CidrAssignment
AddAuthorizationRule(id *string, options *AddAuthorizationRuleOptions) awsec2.ClientVpnAuthorizationRule
AddMultiSubnetRoute(id *string, options *AddMultiSubnetRouteOptions) interface{}
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RegisterTransitGateway(transitGateway ec2.ITransitGateway)
// Returns a string representation of this construct.
ToString() *string
}
func NewNetworkIsolatedClientVpnEndpoint ¶ added in v0.0.59
func NewNetworkIsolatedClientVpnEndpoint(scope constructs.IConstruct, id *string, props *NetworkIsolatedClientVpnEndpointProps) NetworkIsolatedClientVpnEndpoint
type NetworkIsolatedClientVpnEndpointProps ¶ added in v0.0.59
type NetworkIsolatedClientVpnEndpointProps struct {
// The AWS account ID this resource belongs to.
// Default: - the resource is in the same account as the stack it belongs to.
//
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
// Default: - take environment from `account`, `region` parameters, or use Stack environment.
//
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
// Default: - The physical name will be allocated by CloudFormation at deployment time.
//
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
// Default: - the resource is in the same region as the stack it belongs to.
//
Region *string `field:"optional" json:"region" yaml:"region"`
ServerCertificate awscertificatemanager.ICertificate `field:"required" json:"serverCertificate" yaml:"serverCertificate"`
SubnetCidr ec2.IIpv4CidrAssignment `field:"required" json:"subnetCidr" yaml:"subnetCidr"`
Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
AuthorizeAllUsersToVpcCidr *bool `field:"optional" json:"authorizeAllUsersToVpcCidr" yaml:"authorizeAllUsersToVpcCidr"`
ClientCertificate awscertificatemanager.ICertificate `field:"optional" json:"clientCertificate" yaml:"clientCertificate"`
ClientConnectionHandler awsec2.IClientVpnConnectionHandler `field:"optional" json:"clientConnectionHandler" yaml:"clientConnectionHandler"`
ClientLoginBanner *string `field:"optional" json:"clientLoginBanner" yaml:"clientLoginBanner"`
Description *string `field:"optional" json:"description" yaml:"description"`
DnsServers *[]*string `field:"optional" json:"dnsServers" yaml:"dnsServers"`
Logging *bool `field:"optional" json:"logging" yaml:"logging"`
LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
LogStream awslogs.ILogStream `field:"optional" json:"logStream" yaml:"logStream"`
MaxAzs *float64 `field:"optional" json:"maxAzs" yaml:"maxAzs"`
Port awsec2.VpnPort `field:"optional" json:"port" yaml:"port"`
SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
SelfServicePortal *bool `field:"optional" json:"selfServicePortal" yaml:"selfServicePortal"`
SplitTunnel *bool `field:"optional" json:"splitTunnel" yaml:"splitTunnel"`
TransitGateway ec2.ITransitGateway `field:"optional" json:"transitGateway" yaml:"transitGateway"`
TransportProtocol awsec2.TransportProtocol `field:"optional" json:"transportProtocol" yaml:"transportProtocol"`
UserBasedAuthentication awsec2.ClientVpnUserBasedAuthentication `field:"optional" json:"userBasedAuthentication" yaml:"userBasedAuthentication"`
VpnCidr ec2.IIpv4CidrAssignment `field:"optional" json:"vpnCidr" yaml:"vpnCidr"`
}
type TransitGatewayHubConfiguration ¶
type TransitGatewayHubConfiguration struct {
// Allows Transit Gateway sharing with resources outside of the Transit Gateway owner account's AWS Organization.
//
// By default, resources cannot be shared with accounts outside of the organization.
AllowExternal *bool `field:"optional" json:"allowExternal" yaml:"allowExternal"`
//
// When this is enabled, any transit gateway attachments created in other accounts where this
// transit gateway has been shared will be automatically created without manual intervention
// being needed in the account that did created the share.
AutoAcceptSharedAttachments *bool `field:"optional" json:"autoAcceptSharedAttachments" yaml:"autoAcceptSharedAttachments"`
// Enables auto-discovery of AWS accounts via CDK resources.
//
// Account discovery uses stages
// and stacks to find all accounts that the CDK has resources for.
//
// Environment agnostic stages and stacks cannot be used for auto-discovery.
//
// With auto-discovery enabled, the stack containing the Transit Gateway will need to be
// updated before it will become available in newly added accounts. Because of this it is
// inferior to using grouping principals such as organizations or organizational units.
//
// If access to sharing via AWS OIrganizations is available, that should be preferred over
// auto-discovery.
//
// Transit gateway sharing will be anabled if either auto-discovery is enabled or principals
// are specified.
AutoDiscovery *bool `field:"optional" json:"autoDiscovery" yaml:"autoDiscovery"`
// The ID of the default Transit Gateway Route Table that got created for the Transit Gateway associated with this VPC.
//
// This is needed because the default route table is used for handling routing of all traffic within
// the organization but not exposed directly via CloudFormation.
//
// See [feature request](https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/180)
// related to this in the AWS CloudFormation roadmap.
//
// This is only needed if the VPC is being configured to act as a hub for network traffic. Won't be
// available until after this stack has been deployed for the first time.
DefaultRouteTableId *string `field:"optional" json:"defaultRouteTableId" yaml:"defaultRouteTableId"`
// A list of principals which allow other accounts access to the Transit Gateway.
//
// With shared
// access, other accounts can create Attachments to facilitate cross account networking.
//
// Principals provided should not overlap with CDK resources if auto-discovery is enabled.
//
// Transit gateway sharing will be anabled if either auto-discovery is enabled or principals
// are specified.
Principals *[]ram.ISharedPrincipal `field:"optional" json:"principals" yaml:"principals"`
}
type TransitGatewaySpokeConfiguration ¶
type TransitGatewaySpokeConfiguration struct {
// The ID of a Transit Gateway.
//
// This Transit Gateway may have been created by another VPC in the
// same account or shared by a VPC in another account. If this is passed then a Transit Gateway
// Attachment will be created for the specified Transit Gateway and a new one will not be created
// even if principals are provided.
TransitGatewayId *string `field:"required" json:"transitGatewayId" yaml:"transitGatewayId"`
}
Source Files
¶
- AddAuthorizationRuleOptions.go
- AddCidrBlockOptions.go
- AddClientVpnEndpointOptions.go
- AddHubOptions.go
- AddIsolatedClientVpnEndpointOptions.go
- AddMultiSubnetRouteOptions.go
- AddNetworkOptions.go
- AddPoolOptions.go
- AddSpokeNetworkProps.go
- AllocatePrivateNetworkOptions.go
- FlowLogOptions.go
- FourTierNetwork.go
- FourTierNetworkHub.go
- FourTierNetworkHubProps.go
- FourTierNetworkHub__checks.go
- FourTierNetworkProps.go
- FourTierNetworkShareProperties.go
- FourTierNetworkSpoke.go
- FourTierNetworkSpokeProps.go
- FourTierNetworkSpoke__checks.go
- FourTierNetwork__checks.go
- GetClientVpnConfigurationOptions.go
- GetClientVpnConfigurationResult.go
- GetVpcConfigurationOptions.go
- IpAddressManager.go
- IpAddressManagerProps.go
- IpAddressManagerSharingProps.go
- IpAddressManager__checks.go
- NetworkController.go
- NetworkControllerProps.go
- NetworkController__checks.go
- NetworkIsolatedClientVpnEndpoint.go
- NetworkIsolatedClientVpnEndpointProps.go
- NetworkIsolatedClientVpnEndpoint__checks.go
- TransitGatewayHubConfiguration.go
- TransitGatewaySpokeConfiguration.go
- main.go
Directories
Click to show internal directories.
Click to hide internal directories.