ec2

package
v0.0.52 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 11, 2023 License: Apache-2.0 Imports: 13 Imported by: 0

README

Vibe-io CDK-Extensions EC2 Construct Library

The @cdk-extensions/ec2 package contains advanced constructs and patterns for setting up networking and instances. The constructs presented here are intended to be replacements for equivalent AWS constructs in the CDK EC2 module, but with additional features included.

AWS CDK EC2 API Reference

To import and use this module within your CDK project:

import * as ec2 from 'cdk-extensions/ec2';

VPC Flow Logs

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs and Amazon S3. After you've created a flow log, you can retrieve and view its data in the chosen destination. AWS VPC Flow Logs User Guide AWS VPC Flow Logs CFN Documentation

For this construct, by default a S3 bucket will be created as the Flow Logs destination. It will also include a Glue table with the same schema as the configured FlowLogFormat, as well as prepared Athena queries.

Usage

You can create a flow log like this:

new ec2.FlowLog(this, 'FlowLog', {
  resourceType: ec2.FlowLogResourceType.fromVpc(myVpc)
})

You can also add multiple flow logs with different destinations.

const bucket = new s3.Bucket(this, 'MyCustomBucket');

new ec2.FlowLog(this, 'FlowLog', {
  resourceType: ec2.FlowLogResourceType.fromVpc(myVpc),
  destination: ec2.FlowLogDestination.toS3(bucket)
});

new ec2.FlowLog(this, 'FlowLogCloudWatch', {
  resourceType: ec2.FlowLogResourceType.fromVpc(myVpc),
  trafficType: ec2.FlowLogTrafficType.REJECT,
  maxAggregationInterval: FlowLogMaxAggregationInterval.ONE_MINUTE,
});
Additional Features

The main advantage that this module has over the official AWS CDK module is that you can specific the log format at the time of FlowLog creation like this:

new ec2.FlowLog(this, 'FlowLog', {
  resourceType: ec2.FlowLogResourceType.fromVpc(myVpc),
  format: ec2.FlowLogFormat.V3,
})

There are several formats that are included as part of the module, and each one will define the fields included in the flow log records. Each one acts similarly to a log level (Info, Debug, etc), with each level providing increasingly more detail in the logs (like region or AZ details, or AWS service details).

The formats and descriptions are as follows:

  • ec2.FlowLogFormat.V2: The default format if none is specified. Includes common basic details like log status, account ID, source and destination.
  • ec2.FlowLogFormat.V3: Includes all fields from V2, as well as information on the specific AWS resources associated with the traffic like Vpc, subnet and instance IDs.
  • ec2.FlowLogFormat.V4: Includes all fields from V3, as well as information about the region and AZ associated with the traffic.
  • ec2.FlowLogFormat.V5: Includes all fields from V4, as well as information that provides visibility on packet routing.
Caveats

With the offical AWS CDK VPC construct, you can normally add a Flow Log to a VPC by using the addFlowLog() method like this:

const vpc = new ec2.Vpc(this, 'Vpc');

vpc.addFlowLog('FlowLog');

However, this will not include the additional FlowLogFormat functionality provided by the FlowLog construct in this module.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CustomerGateway_IsConstruct added in v0.0.50 

func CustomerGateway_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func CustomerGateway_IsOwnedResource added in v0.0.50 

func CustomerGateway_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func CustomerGateway_IsResource added in v0.0.50 

func CustomerGateway_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func FlowLog_FromFlowLogId added in v0.0.50 

func FlowLog_FromFlowLogId(scope constructs.Construct, id *string, flowLogId *string) awsec2.IFlowLog

Import a Flow Log by it's Id.

func FlowLog_IsConstruct 

func FlowLog_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func FlowLog_IsOwnedResource 

func FlowLog_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func FlowLog_IsResource 

func FlowLog_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamAllocation_IsConstruct added in v0.0.50 

func IpamAllocation_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamAllocation_IsOwnedResource added in v0.0.50 

func IpamAllocation_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamAllocation_IsResource added in v0.0.50 

func IpamAllocation_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamPoolCidr_IsConstruct added in v0.0.50 

func IpamPoolCidr_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamPoolCidr_IsOwnedResource added in v0.0.50 

func IpamPoolCidr_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamPoolCidr_IsResource added in v0.0.50 

func IpamPoolCidr_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamPool_IsConstruct added in v0.0.50 

func IpamPool_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamPool_IsOwnedResource added in v0.0.50 

func IpamPool_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamPool_IsResource added in v0.0.50 

func IpamPool_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamResourceDiscoveryAssociation_IsConstruct added in v0.0.50 

func IpamResourceDiscoveryAssociation_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamResourceDiscoveryAssociation_IsOwnedResource added in v0.0.50 

func IpamResourceDiscoveryAssociation_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamResourceDiscoveryAssociation_IsResource added in v0.0.50 

func IpamResourceDiscoveryAssociation_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamResourceDiscovery_ARN_FORMAT added in v0.0.50 

func IpamResourceDiscovery_ARN_FORMAT() awscdk.ArnFormat

func IpamResourceDiscovery_IsConstruct added in v0.0.50 

func IpamResourceDiscovery_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamResourceDiscovery_IsOwnedResource added in v0.0.50 

func IpamResourceDiscovery_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamResourceDiscovery_IsResource added in v0.0.50 

func IpamResourceDiscovery_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func IpamScope_ARN_FORMAT added in v0.0.50 

func IpamScope_ARN_FORMAT() awscdk.ArnFormat

func IpamScope_IsConstruct added in v0.0.50 

func IpamScope_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func IpamScope_IsOwnedResource added in v0.0.50 

func IpamScope_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func IpamScope_IsResource added in v0.0.50 

func IpamScope_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Ipam_ARN_FORMAT added in v0.0.50 

func Ipam_ARN_FORMAT() awscdk.ArnFormat

func Ipam_IsConstruct added in v0.0.50 

func Ipam_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func Ipam_IsOwnedResource added in v0.0.50 

func Ipam_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Ipam_IsResource added in v0.0.50 

func Ipam_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func NatProvider_Gateway added in v0.0.50 

func NatProvider_Gateway(props *awsec2.NatGatewayProps) awsec2.NatProvider

func NatProvider_Instance added in v0.0.50 

func NatProvider_Instance(props *awsec2.NatInstanceProps) awsec2.NatProvider

func NatProvider_TransitGateway added in v0.0.50 

func NatProvider_TransitGateway(props *TransitGatewayNatProviderOptions) awsec2.NatProvider

func NewCidrProvider_Override added in v0.0.50 

func NewCidrProvider_Override(c CidrProvider)

func NewCustomerGatewayConfigurationRemoteVpnEndpoint_Override added in v0.0.50 

func NewCustomerGatewayConfigurationRemoteVpnEndpoint_Override(c CustomerGatewayConfigurationRemoteVpnEndpoint, configuration *CustomerGatewayProps)

Creates a new instance of the CustomerGatewayConfigurationRemoteVpnEndpoint class.

func NewCustomerGatewayRemoteVpnEndpoint_Override added in v0.0.50 

func NewCustomerGatewayRemoteVpnEndpoint_Override(c CustomerGatewayRemoteVpnEndpoint, customerGateway ICustomerGateway)

Creates a new instance of the CustomerGatewayRemoteVpnEndpoint class.

func NewCustomerGateway_Override added in v0.0.50 

func NewCustomerGateway_Override(c CustomerGateway, scope constructs.Construct, id *string, props *CustomerGatewayProps)

Creates a new instance of the CustomerGateway class.

func NewFlowLogDestination_Override 

func NewFlowLogDestination_Override(f FlowLogDestination)

func NewFlowLogField_Override 

func NewFlowLogField_Override(f FlowLogField, name *string, type_ FlowLogDataType)

Creates a new instance of the FlowLogField class.

func NewFlowLogFormat_Override 

func NewFlowLogFormat_Override(f FlowLogFormat, fields ...FlowLogField)

Creates a new instance of the FlowLogFormat class.

func NewFlowLog_Override 

func NewFlowLog_Override(f FlowLog, scope constructs.IConstruct, id *string, props *FlowLogProps)

Creates a new instance of the FlowLog class.

func NewIpamAllocationConfiguration_Override added in v0.0.50 

func NewIpamAllocationConfiguration_Override(i IpamAllocationConfiguration)

func NewIpamAllocation_Override added in v0.0.50 

func NewIpamAllocation_Override(i IpamAllocation, scope constructs.IConstruct, id *string, props *IpamAllocationProps)

func NewIpamPoolCidrConfiguration_Override added in v0.0.50 

func NewIpamPoolCidrConfiguration_Override(i IpamPoolCidrConfiguration)

func NewIpamPoolCidr_Override added in v0.0.50 

func NewIpamPoolCidr_Override(i IpamPoolCidr, scope constructs.IConstruct, id *string, props *IpamPoolCidrProps)

func NewIpamPool_Override added in v0.0.50 

func NewIpamPool_Override(i IpamPool, scope constructs.IConstruct, id *string, props *IpamPoolProps)

func NewIpamResourceDiscoveryAssociation_Override added in v0.0.50 

func NewIpamResourceDiscoveryAssociation_Override(i IpamResourceDiscoveryAssociation, scope constructs.IConstruct, id *string, props *IpamResourceDiscoveryAssociationProps)

func NewIpamResourceDiscovery_Override added in v0.0.50 

func NewIpamResourceDiscovery_Override(i IpamResourceDiscovery, scope constructs.IConstruct, id *string, props *IpamResourceDiscoveryProps)

func NewIpamScope_Override added in v0.0.50 

func NewIpamScope_Override(i IpamScope, scope constructs.IConstruct, id *string, props *IpamScopeProps)

Creates a new instance of the IpamScope class.

func NewIpam_Override added in v0.0.50 

func NewIpam_Override(i Ipam, scope constructs.IConstruct, id *string, props *IpamProps)

Creates a new instance of the Ipam class.

func NewNatProvider_Override added in v0.0.50 

func NewNatProvider_Override(n NatProvider)

func NewTieredSubnets_Override added in v0.0.50 

func NewTieredSubnets_Override(t TieredSubnets, options *TieredSubnetsOptions)

func NewTransitGatewayAttachmentBase_Override added in v0.0.50 

func NewTransitGatewayAttachmentBase_Override(t TransitGatewayAttachmentBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

func NewTransitGatewayAttachmentResource_Override added in v0.0.50 

func NewTransitGatewayAttachmentResource_Override(t TransitGatewayAttachmentResource, scope constructs.Construct, id *string, props *TransitGatewayAttachmentResourceProps)

Creates a new instance of the TransitGatewayAttachment class.

func NewTransitGatewayAttachment_Override added in v0.0.50 

func NewTransitGatewayAttachment_Override(t TransitGatewayAttachment, scope constructs.Construct, id *string, props *TransitGatewayAttachmentProps)

Creates a new instance of the TransitGatewayAttachment class.

func NewTransitGatewayLocalVpnEndpoint_Override added in v0.0.50 

func NewTransitGatewayLocalVpnEndpoint_Override(t TransitGatewayLocalVpnEndpoint, transitGateway ITransitGateway)

Creates a new instance of the TransitGatewayLocalVpnEndpoint class.

func NewTransitGatewayNatProvider_Override added in v0.0.50 

func NewTransitGatewayNatProvider_Override(t TransitGatewayNatProvider, options *TransitGatewayNatProviderOptions)

func NewTransitGatewayPeeringAttachment_Override added in v0.0.50 

func NewTransitGatewayPeeringAttachment_Override(t TransitGatewayPeeringAttachment, scope constructs.Construct, id *string, props *TransitGatewayPeeringAttachmentProps)

Creates a new instance of the TransitGatewayPeeringAttachment class.

func NewTransitGatewayRouteTable_Override added in v0.0.50 

func NewTransitGatewayRouteTable_Override(t TransitGatewayRouteTable, scope constructs.Construct, id *string, props *TransitGatewayRouteTableProps)

Creates a new instance of the TransitGatewayRouteTable class.

func NewTransitGatewayRoute_Override added in v0.0.50 

func NewTransitGatewayRoute_Override(t TransitGatewayRoute, scope constructs.Construct, id *string, props *TransitGatewayRouteProps)

Creates a new instance of the TransitGatewayAttachment class.

func NewTransitGateway_Override added in v0.0.50 

func NewTransitGateway_Override(t TransitGateway, scope constructs.Construct, id *string, props *TransitGatewayProps)

Creates a new instance of the Database class.

func NewVpnConnectionLocalEndpoint_Override added in v0.0.50 

func NewVpnConnectionLocalEndpoint_Override(v VpnConnectionLocalEndpoint)

func NewVpnConnectionRemoteEndpoint_Override added in v0.0.50 

func NewVpnConnectionRemoteEndpoint_Override(v VpnConnectionRemoteEndpoint)

func NewVpnConnection_Override added in v0.0.50 

func NewVpnConnection_Override(v VpnConnection, scope constructs.Construct, id *string, props *VpnConnectionProps)

Creates a new instance of the TransitGatewayAttachment class.

func NewVpnGatewayLocalVpnEndpoint_Override added in v0.0.50 

func NewVpnGatewayLocalVpnEndpoint_Override(v VpnGatewayLocalVpnEndpoint, vpnGateway awsec2.IVpnGateway)

Creates a new instance of the VpnGatewayLocalVpnEndpoint class.

func TransitGatewayAttachmentBase_IsConstruct added in v0.0.50 

func TransitGatewayAttachmentBase_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayAttachmentBase_IsOwnedResource added in v0.0.50 

func TransitGatewayAttachmentBase_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayAttachmentBase_IsResource added in v0.0.50 

func TransitGatewayAttachmentBase_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGatewayAttachmentResource_IsConstruct added in v0.0.50 

func TransitGatewayAttachmentResource_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayAttachmentResource_IsOwnedResource added in v0.0.50 

func TransitGatewayAttachmentResource_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayAttachmentResource_IsResource added in v0.0.50 

func TransitGatewayAttachmentResource_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGatewayAttachment_IsConstruct added in v0.0.50 

func TransitGatewayAttachment_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayAttachment_IsOwnedResource added in v0.0.50 

func TransitGatewayAttachment_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayAttachment_IsResource added in v0.0.50 

func TransitGatewayAttachment_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGatewayNatProvider_Gateway added in v0.0.50 

func TransitGatewayNatProvider_Gateway(props *awsec2.NatGatewayProps) awsec2.NatProvider

Use NAT Gateways to provide NAT services for your VPC.

NAT gateways are managed by AWS. See: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html

func TransitGatewayNatProvider_Instance added in v0.0.50 

func TransitGatewayNatProvider_Instance(props *awsec2.NatInstanceProps) awsec2.NatInstanceProvider

Use NAT instances to provide NAT services for your VPC.

NAT instances are managed by you, but in return allow more configuration.

Be aware that instances created using this provider will not be automatically replaced if they are stopped for any reason. You should implement your own NatProvider based on AutoScaling groups if you need that. See: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html

func TransitGatewayPeeringAttachment_IsConstruct added in v0.0.50 

func TransitGatewayPeeringAttachment_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayPeeringAttachment_IsOwnedResource added in v0.0.50 

func TransitGatewayPeeringAttachment_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayPeeringAttachment_IsResource added in v0.0.50 

func TransitGatewayPeeringAttachment_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGatewayRouteTable_IsConstruct added in v0.0.50 

func TransitGatewayRouteTable_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayRouteTable_IsOwnedResource added in v0.0.50 

func TransitGatewayRouteTable_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayRouteTable_IsResource added in v0.0.50 

func TransitGatewayRouteTable_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGatewayRoute_IsConstruct added in v0.0.50 

func TransitGatewayRoute_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGatewayRoute_IsOwnedResource added in v0.0.50 

func TransitGatewayRoute_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGatewayRoute_IsResource added in v0.0.50 

func TransitGatewayRoute_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func TransitGateway_IsConstruct added in v0.0.50 

func TransitGateway_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func TransitGateway_IsOwnedResource added in v0.0.50 

func TransitGateway_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func TransitGateway_IsResource added in v0.0.50 

func TransitGateway_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func VpnConnection_IsConstruct added in v0.0.50 

func VpnConnection_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func VpnConnection_IsOwnedResource added in v0.0.50 

func VpnConnection_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func VpnConnection_IsResource added in v0.0.50 

func VpnConnection_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

Types

type AddChildPoolOptions added in v0.0.50 

type AddChildPoolOptions struct {
	AddressConfiguration AddressConfiguration `field:"optional" json:"addressConfiguration" yaml:"addressConfiguration"`
	AutoImport           *bool                `field:"optional" json:"autoImport" yaml:"autoImport"`
	Consumer             IpamConsumer         `field:"optional" json:"consumer" yaml:"consumer"`
	Description          *string              `field:"optional" json:"description" yaml:"description"`
	Locale               *string              `field:"optional" json:"locale" yaml:"locale"`
	Name                 *string              `field:"optional" json:"name" yaml:"name"`
	ProvisionedCidrs     *[]*string           `field:"optional" json:"provisionedCidrs" yaml:"provisionedCidrs"`
	PublicIpSource       PublicIpSource       `field:"optional" json:"publicIpSource" yaml:"publicIpSource"`
	TagRestrictions      *map[string]*string  `field:"optional" json:"tagRestrictions" yaml:"tagRestrictions"`
}

type AddCidrToPoolOptions added in v0.0.50 

type AddCidrToPoolOptions struct {
	Configuration IIpamPoolCidrConfiguration `field:"required" json:"configuration" yaml:"configuration"`
	AllowInline   *bool                      `field:"optional" json:"allowInline" yaml:"allowInline"`
}

type AddCidrToPoolResult added in v0.0.50 

type AddCidrToPoolResult struct {
	Inline *bool         `field:"required" json:"inline" yaml:"inline"`
	Cidr   IIpamPoolCidr `field:"optional" json:"cidr" yaml:"cidr"`
}

type AddressConfiguration added in v0.0.50 

type AddressConfiguration interface {
	DefaultNetmaskLength() *float64
	Family() *string
	MaxNetmaskLength() *float64
	MinNetmaskLength() *float64
	PubliclyAdvertisable() *bool
}

func AddressConfiguration_Ipv4 added in v0.0.50 

func AddressConfiguration_Ipv4(options *Ipv4ConfigurationOptions) AddressConfiguration

func AddressConfiguration_Ipv6 added in v0.0.50 

func AddressConfiguration_Ipv6(options *Ipv6ConfigurationOptions) AddressConfiguration

func AddressConfiguration_Of added in v0.0.50 

func AddressConfiguration_Of(props *AddressConfigurationProps) AddressConfiguration

type AddressConfigurationProps added in v0.0.50 

type AddressConfigurationProps struct {
	DefaultNetmaskLength *float64 `field:"optional" json:"defaultNetmaskLength" yaml:"defaultNetmaskLength"`
	MaxNetmaskLength     *float64 `field:"optional" json:"maxNetmaskLength" yaml:"maxNetmaskLength"`
	MinNetmaskLength     *float64 `field:"optional" json:"minNetmaskLength" yaml:"minNetmaskLength"`
	Family               *string  `field:"required" json:"family" yaml:"family"`
	PubliclyAdvertisable *bool    `field:"optional" json:"publiclyAdvertisable" yaml:"publiclyAdvertisable"`
}

type AllocateCidrFromPoolOptions added in v0.0.50 

type AllocateCidrFromPoolOptions struct {
	Allocation  IIpamAllocationConfiguration `field:"optional" json:"allocation" yaml:"allocation"`
	Description *string                      `field:"optional" json:"description" yaml:"description"`
	Scope       constructs.IConstruct        `field:"optional" json:"scope" yaml:"scope"`
}

type CidrProvider added in v0.0.50 

type CidrProvider interface {
}

func NewCidrProvider added in v0.0.50 

func NewCidrProvider() CidrProvider

type CustomerGateway added in v0.0.50 

type CustomerGateway interface {
	awscdk.Resource
	ICustomerGateway
	// For devices that support BGP, the customer gateway's BGP ASN.
	// See: [CustomerGateway BgpAsn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-bgpasn)
	//
	BgpAsn() *float64
	// The type of VPN connection that this customer gateway supports.
	// See: [CustomerGateway Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-type)
	//
	ConnectionType() VpnConnectionType
	// The BGP ASN of the customer gateway.
	CustomerGatewayAsn() *float64
	// The ID of the customer gateway.
	CustomerGatewayId() *string
	// The IP address of the customer gateway.
	CustomerGatewayIp() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The Internet-routable IP address for the customer gateway's outside interface.
	//
	// The address must be static.
	// See: [CustomerGateway IpAddress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-ipaddress)
	//
	IpAddress() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying CustomerGateway CloudFormation resource.
	// See: [AWS::EC2::CustomerGateway](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html)
	//
	Resource() awsec2.CfnCustomerGateway
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Specifies thje details of a remote endpoint that can serve as an endpoint for connections to AWS.

func NewCustomerGateway added in v0.0.50 

func NewCustomerGateway(scope constructs.Construct, id *string, props *CustomerGatewayProps) CustomerGateway

Creates a new instance of the CustomerGateway class.

type CustomerGatewayAttributes added in v0.0.50 

type CustomerGatewayAttributes struct {
	// The ID of the existing customer gateway being imported.
	CustomerGatewayId *string `field:"required" json:"customerGatewayId" yaml:"customerGatewayId"`
	// For devices that support BGP, the customer gateway's BGP ASN.
	BgpAsn *float64 `field:"optional" json:"bgpAsn" yaml:"bgpAsn"`
	// The Internet-routable IP address for the customer gateway's outside interface.
	//
	// The address must be static.
	IpAddress *string `field:"optional" json:"ipAddress" yaml:"ipAddress"`
}

Attributes used to import an existing customer gateway.

type CustomerGatewayConfigurationRemoteVpnEndpoint added in v0.0.50 

type CustomerGatewayConfigurationRemoteVpnEndpoint interface {
	IRemoteVpnEndpoint
	// The details of the device on the remote end of the VPN connection.
	Configuration() *CustomerGatewayProps
	// The customer gateway that was created to represent the device on the remote end of the VPN connection.
	CustomerGateway() CustomerGateway
	// Produces a configuration that can be used when configuring the remote end of a VPN connection.
	Bind(scope constructs.IConstruct) *RemoteVpnEndpointConfiguration
}

Specifies a remote VPN endpoint device by directly specifyingits details.

func NewCustomerGatewayConfigurationRemoteVpnEndpoint added in v0.0.50 

func NewCustomerGatewayConfigurationRemoteVpnEndpoint(configuration *CustomerGatewayProps) CustomerGatewayConfigurationRemoteVpnEndpoint

Creates a new instance of the CustomerGatewayConfigurationRemoteVpnEndpoint class.

func VpnConnectionRemoteEndpoint_FromConfiguration added in v0.0.50 

func VpnConnectionRemoteEndpoint_FromConfiguration(configuration *CustomerGatewayProps) CustomerGatewayConfigurationRemoteVpnEndpoint

Creates a remote connection using the configuration details provided.

Returns: A configuration object representing a remote VPN destination.

type CustomerGatewayProps added in v0.0.50 

type CustomerGatewayProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The Internet-routable IP address for the customer gateway's outside interface.
	//
	// The address must be static.
	// See: [CustomerGateway IpAddress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-ipaddress)
	//
	IpAddress *string `field:"required" json:"ipAddress" yaml:"ipAddress"`
	// For devices that support BGP, the customer gateway's BGP ASN.
	// See: [CustomerGateway BgpAsn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-bgpasn)
	//
	BgpAsn *float64 `field:"optional" json:"bgpAsn" yaml:"bgpAsn"`
	// The type of VPN connection that this customer gateway supports.
	// See: [CustomerGateway Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#cfn-ec2-customergateway-type)
	//
	ConnectionType VpnConnectionType `field:"optional" json:"connectionType" yaml:"connectionType"`
}

Configuration for the CustomerGateway resource.

type CustomerGatewayRemoteVpnEndpoint added in v0.0.50 

type CustomerGatewayRemoteVpnEndpoint interface {
	IRemoteVpnEndpoint
	// The customer gateway that is configured with the details of the remote endpoint device.
	CustomerGateway() ICustomerGateway
	// Produces a configuration that can be used when configuring the remote end of a VPN connection.
	Bind(_scope constructs.IConstruct) *RemoteVpnEndpointConfiguration
}

Specifies a remote VPN endpoint device that has its details configured in an existing customer gateway.

func NewCustomerGatewayRemoteVpnEndpoint added in v0.0.50 

func NewCustomerGatewayRemoteVpnEndpoint(customerGateway ICustomerGateway) CustomerGatewayRemoteVpnEndpoint

Creates a new instance of the CustomerGatewayRemoteVpnEndpoint class.

func VpnConnectionRemoteEndpoint_FromCustomerGateway added in v0.0.50 

func VpnConnectionRemoteEndpoint_FromCustomerGateway(customerGateway ICustomerGateway) CustomerGatewayRemoteVpnEndpoint

Creates a remote connection using a customer gateway.

Returns: A configuration object representing a remote VPN destination.

type FlowLog 

type FlowLog interface {
	awsec2.FlowLog
	// The S3 bucket to publish flow logs to.
	Bucket() awss3.IBucket
	// The location where flow logs should be delivered.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	//
	Destination() awsec2.FlowLogDestination
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The Id of the VPC Flow Log.
	FlowLogId() *string
	// The name of the FlowLog.
	FlowLogName() *string
	// The iam role used to publish logs to CloudWatch.
	IamRole() awsiam.IRole
	// S3 bucket key prefix to publish the flow logs under.
	KeyPrefix() *string
	// The fields to include in the flow log record, in the order in which they should appear.
	//
	// For a list of available fields, see {@link FlowLogField}.
	// See: [FlowLog LogFormat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logformat)
	//
	LogFormat() FlowLogFormat
	// The CloudWatch Logs LogGroup to publish flow logs to.
	LogGroup() awslogs.ILogGroup
	// The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
	// See: [FlowLog MaxAggregationInterval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-maxaggregationinterval)
	//
	MaxAggregationInterval() awsec2.FlowLogMaxAggregationInterval
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying FlowLog CloudFormation resource.
	// See: [AWS::EC2::FlowLog](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html)
	//
	Resource() awsec2.CfnFlowLog
	// Details for the resource from which flow logs will be captured.
	// See: [FlowLog ResourceType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-resourcetype)
	//
	ResourceType() awsec2.FlowLogResourceType
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
	// See: [FlowLog TrafficType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-traffictype)
	//
	TrafficType() awsec2.FlowLogTrafficType
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewFlowLog 

func NewFlowLog(scope constructs.IConstruct, id *string, props *FlowLogProps) FlowLog

Creates a new instance of the FlowLog class.

type FlowLogDataType 

type FlowLogDataType string
const (
	// 32 bit signed int.
	FlowLogDataType_INT_32 FlowLogDataType = "INT_32"
	// 64 bit signed int.
	FlowLogDataType_INT_64 FlowLogDataType = "INT_64"
	// UTF-8 encoded character string.
	FlowLogDataType_STRING FlowLogDataType = "STRING"
)

type FlowLogDestination 

type FlowLogDestination interface {
	ILogDestination
	// Returns a configuration object with all the fields and resources needed to configure a flow log to write to the destination.
	Bind(scope constructs.IConstruct) *FlowLogDestinationConfig
}

Represents a resource that can act as a deliver endpoint for captured flow logs.

func FlowLogDestination_ToCloudWatchLogs 

func FlowLogDestination_ToCloudWatchLogs(logGroup awslogs.ILogGroup, role awsiam.IRole) FlowLogDestination

Represents a CloudWatch log group that will serve as the endpoint where flow logs should be delivered.

Returns: A configuration object containing details on how to set up logging to the log group. See: [Publish flow logs to CloudWatch Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-cwl.html)

func FlowLogDestination_ToS3 

func FlowLogDestination_ToS3(bucket awss3.IBucket, options *FlowLogS3Options) FlowLogDestination

Represents a CloudWatch log group that will serve as the endpoint where flow logs should be delivered.

Returns: A configuration object containing details on how to set up logging to the bucket. See: [Publish flow logs to Amazon S3](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html)

type FlowLogDestinationConfig 

type FlowLogDestinationConfig struct {
	// The type of destination for the flow log data.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	//
	DestinationType awsec2.FlowLogDestinationType `field:"required" json:"destinationType" yaml:"destinationType"`
	// An S3 bucket where logs should be delivered.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	//
	Bucket awss3.IBucket `field:"optional" json:"bucket" yaml:"bucket"`
	// Additional options that control the format and behavior of logs delivered to the destination.
	DestinationOptions *map[string]interface{} `field:"optional" json:"destinationOptions" yaml:"destinationOptions"`
	// A CloudWatch LogGroup where logs should be delivered.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	//
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The ARN of the IAM role that allows Amazon EC2 to publish flow logs in your account.
	// See: [FlowLog DeliverLogsPermissionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-deliverlogspermissionarn)
	//
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// An Amazon Resource Name (ARN) for the S3 destination where log files are to be delivered.
	//
	// If a custom prefix is being added the ARN should reflect that prefix.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	//
	S3Path *string `field:"optional" json:"s3Path" yaml:"s3Path"`
}

A configuration object providing the details necessary to set up log delivery to a given destination.

type FlowLogField 

type FlowLogField interface {
	// The name of the Flow Log field, as it should be used when building a format string.
	Name() *string
	// The data type of the field as it would appear in Parquet.
	//
	// For
	// information on the type for various files, see documentation on the
	// [available fields](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-fields).
	Type() FlowLogDataType
}

func FlowLogField_ACCOUNT_ID 

func FlowLogField_ACCOUNT_ID() FlowLogField

func FlowLogField_ACTION 

func FlowLogField_ACTION() FlowLogField

func FlowLogField_AZ_ID 

func FlowLogField_AZ_ID() FlowLogField

func FlowLogField_BYTES 

func FlowLogField_BYTES() FlowLogField

func FlowLogField_DSTADDR 

func FlowLogField_DSTADDR() FlowLogField

func FlowLogField_DSTPORT 

func FlowLogField_DSTPORT() FlowLogField

func FlowLogField_END 

func FlowLogField_END() FlowLogField

func FlowLogField_FLOW_DIRECTION 

func FlowLogField_FLOW_DIRECTION() FlowLogField

func FlowLogField_INSTANCE_ID 

func FlowLogField_INSTANCE_ID() FlowLogField

func FlowLogField_INTERFACE_ID 

func FlowLogField_INTERFACE_ID() FlowLogField

func FlowLogField_LOG_STATUS 

func FlowLogField_LOG_STATUS() FlowLogField

func FlowLogField_LookupField added in v0.0.50 

func FlowLogField_LookupField(name *string) FlowLogField

Tries to retieve full flow log field data for a log field based on name.

Returns undefined if the field name is not recognized.

Returns: The FlowLogField data for a field with the given name if one is found.

func FlowLogField_PACKETS 

func FlowLogField_PACKETS() FlowLogField

func FlowLogField_PKT_DSTADDR 

func FlowLogField_PKT_DSTADDR() FlowLogField

func FlowLogField_PKT_DST_AWS_SERVICE 

func FlowLogField_PKT_DST_AWS_SERVICE() FlowLogField

func FlowLogField_PKT_SRCADDR 

func FlowLogField_PKT_SRCADDR() FlowLogField

func FlowLogField_PKT_SRC_AWS_SERVICE 

func FlowLogField_PKT_SRC_AWS_SERVICE() FlowLogField

func FlowLogField_PROTOCOL 

func FlowLogField_PROTOCOL() FlowLogField

func FlowLogField_REGION 

func FlowLogField_REGION() FlowLogField

func FlowLogField_SRCADDR 

func FlowLogField_SRCADDR() FlowLogField

func FlowLogField_SRCPORT 

func FlowLogField_SRCPORT() FlowLogField

func FlowLogField_START 

func FlowLogField_START() FlowLogField

func FlowLogField_SUBLOCATION_ID 

func FlowLogField_SUBLOCATION_ID() FlowLogField

func FlowLogField_SUBLOCATION_TYPE 

func FlowLogField_SUBLOCATION_TYPE() FlowLogField

func FlowLogField_SUBNET_ID 

func FlowLogField_SUBNET_ID() FlowLogField

func FlowLogField_TCP_FLAGS 

func FlowLogField_TCP_FLAGS() FlowLogField

func FlowLogField_TRAFFIC_PATH 

func FlowLogField_TRAFFIC_PATH() FlowLogField

func FlowLogField_TYPE 

func FlowLogField_TYPE() FlowLogField

func FlowLogField_VERSION 

func FlowLogField_VERSION() FlowLogField

func FlowLogField_VPC_ID 

func FlowLogField_VPC_ID() FlowLogField

func NewFlowLogField 

func NewFlowLogField(name *string, type_ FlowLogDataType) FlowLogField

Creates a new instance of the FlowLogField class.

type FlowLogFileFormat 

type FlowLogFileFormat string

The file format options for flow log files delivered to S3. See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path) 

const (
	// Apache Parquet is a columnar data format.
	//
	// Queries on data in Parquet
	// format are 10 to 100 times faster compared to queries on data in plain
	// text. Data in Parquet format with Gzip compression takes 20 percent less
	// storage space than plain text with Gzip compression.
	FlowLogFileFormat_PARQUET FlowLogFileFormat = "PARQUET"
	// Plain text.
	//
	// This is the default format.
	FlowLogFileFormat_PLAIN_TEXT FlowLogFileFormat = "PLAIN_TEXT"
)

type FlowLogFormat 

type FlowLogFormat interface {
	// The fields that make up the flow log format, in the order that they should appear in the log entries.
	Fields() *[]FlowLogField
	// The rendered format string in the format expected by AWS when creating a new Flow Log.
	Template() *string
	// Adds a new field to the flow log output.
	//
	// New fields are added at the
	// end of a log entry after all the other fields that came before it.
	AddField(field FlowLogField)
}

func FlowLogFormat_FromTemplate added in v0.0.50 

func FlowLogFormat_FromTemplate(template *string) FlowLogFormat

Parses a flow log format template string to create a new FlowLogFormat object.

Returns: A FlowLogFormat object representing the passed template.

func FlowLogFormat_V2 

func FlowLogFormat_V2() FlowLogFormat

func FlowLogFormat_V3 

func FlowLogFormat_V3() FlowLogFormat

func FlowLogFormat_V4 

func FlowLogFormat_V4() FlowLogFormat

func FlowLogFormat_V5 

func FlowLogFormat_V5() FlowLogFormat

func NewFlowLogFormat 

func NewFlowLogFormat(fields ...FlowLogField) FlowLogFormat

Creates a new instance of the FlowLogFormat class.

type FlowLogProps 

type FlowLogProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// Details for the resource from which flow logs will be captured.
	// See: [FlowLog ResourceType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-resourcetype)
	//
	ResourceType awsec2.FlowLogResourceType `field:"required" json:"resourceType" yaml:"resourceType"`
	// The location where flow logs should be delivered.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	//
	Destination awsec2.FlowLogDestination `field:"optional" json:"destination" yaml:"destination"`
	// The name of the FlowLog.
	FlowLogName *string `field:"optional" json:"flowLogName" yaml:"flowLogName"`
	// The fields to include in the flow log record, in the order in which they should appear.
	//
	// For a list of available fields, see {@link FlowLogField}.
	// See: [FlowLog LogFormat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logformat)
	//
	LogFormat FlowLogFormat `field:"optional" json:"logFormat" yaml:"logFormat"`
	// The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
	// See: [FlowLog MaxAggregationInterval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-maxaggregationinterval)
	//
	MaxAggregationInterval awsec2.FlowLogMaxAggregationInterval `field:"optional" json:"maxAggregationInterval" yaml:"maxAggregationInterval"`
	// The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
	// See: [FlowLog TrafficType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-traffictype)
	//
	TrafficType awsec2.FlowLogTrafficType `field:"optional" json:"trafficType" yaml:"trafficType"`
}

Configuration for the FlowLog class.

type FlowLogS3Options 

type FlowLogS3Options struct {
	// The file format in which flow logs should be delivered to S3.
	// See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path)
	//
	FileFormat FlowLogFileFormat `field:"optional" json:"fileFormat" yaml:"fileFormat"`
	// Controls the format of partitions ("folders") when the flow logs are delivered to S3.
	//
	// By default, flow logs are delivered partitioned such that each part of
	// the S3 path represents a values pertaining to details of the log.
	//
	// When hive compatible partitions are enabled, partitions will be
	// structured such that keys declaring the partition name are added at
	// each level.
	//
	// An example of standard partitioning:
	// “`
	// /us-east-1/2020/03/08/log.tar.gz
	// “`
	//
	// An example with Hive compatible partitions:
	// “`
	// /region=us-east-1/year=2020/month=03/day=08/log.tar.gz
	// “`.
	// See: [AWS Big Data Blog](https://aws.amazon.com/blogs/big-data/optimize-performance-and-reduce-costs-for-network-analytics-with-vpc-flow-logs-in-apache-parquet-format/)
	//
	HiveCompatiblePartitions *bool `field:"optional" json:"hiveCompatiblePartitions" yaml:"hiveCompatiblePartitions"`
	// An optional prefix that will be added to the start of all flow log files delivered to the S3 bucket.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	//
	KeyPrefix *string `field:"optional" json:"keyPrefix" yaml:"keyPrefix"`
	// Indicates whether to partition the flow log per hour.
	//
	// By default, flow logs are partitioned (organized into S3 "folders") by
	// day.
	//
	// Setting this to true will add an extra layer of directories splitting
	// flow log files by the hour in which they were delivered.
	// See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path)
	//
	PerHourPartition *bool `field:"optional" json:"perHourPartition" yaml:"perHourPartition"`
}

type IAddressConfiguration added in v0.0.50 

type IAddressConfiguration interface {
	Family() *string
	PubliclyAdvertisable() *bool
}

type ICidrProvider added in v0.0.50 

type ICidrProvider interface {
	IpamOptions() *awsec2.VpcIpamOptions
	IpamPool() IIpamPool
	Netmask() *float64
}

func CidrProvider_Cidr added in v0.0.50 

func CidrProvider_Cidr(cidr *string) ICidrProvider

func CidrProvider_IpamPool added in v0.0.50 

func CidrProvider_IpamPool(pool IIpamPool, netmask *float64) ICidrProvider

type ICustomerGateway added in v0.0.50 

type ICustomerGateway interface {
	// The BGP ASN of the customer gateway.
	CustomerGatewayAsn() *float64
	// The ID of the customer gateway.
	CustomerGatewayId() *string
	// The IP address of the customer gateway.
	CustomerGatewayIp() *string
}

Represents a customer gateway in AWS.

func CustomerGateway_FromCustomerGatewayAttributes added in v0.0.50 

func CustomerGateway_FromCustomerGatewayAttributes(scope constructs.IConstruct, id *string, attributes *CustomerGatewayAttributes) ICustomerGateway

Imports an existing custom gateway by specifying its details.

Returns: An object representing the imported customer gateway.

func CustomerGateway_FromCustomerGatewayId added in v0.0.50 

func CustomerGateway_FromCustomerGatewayId(scope constructs.IConstruct, id *string, customerGatewayId *string) ICustomerGateway

Imports an existing custom gateway using its CustomerGatewayId.

Returns: An object representing the imported customer gateway.

type IIpam added in v0.0.50 

type IIpam interface {
	// Adds an IPAM scope to the IPAM.
	//
	// In IPAM, a scope is the highest-level container within IPAM. Scopes enable
	// you to reuse IP addresses across multiple unconnected networks without
	// causing IP address overlap or conflict.
	//
	// Returns: The scope that was added to the IPAM.
	// See: [How IPAM works](https://docs.aws.amazon.com/vpc/latest/ipam/how-it-works-ipam.html)
	//
	AddScope(id *string, options *IpamScopeOptions) IIpamScope
	// Associates an existing IPAM resource discovery with the IPAM.
	//
	// IPAM aggregates the resource CIDRs discovered by the associated resource
	// discovery.
	//
	// Returns: The association resource that handles the association between the
	// IPAM and the resource discovery.
	AssociateResourceDiscovery(resourceDiscovery IIpamResourceDiscovery) IIpamResourceDiscoveryAssociation
	// The ARN of the IPAM.
	IpamArn() *string
	// The ID of the IPAM.
	IpamId() *string
	// The ID of the IPAM's default private scope.
	IpamPrivateDefaultScopeId() *string
	// The ID of the IPAM's default public scope.
	IpamPublicDefaultScopeId() *string
	// The number of scopes in the IPAM.
	//
	// The scope quota is 5.
	IpamScopeCount() *float64
}

Represents an IPAM in AWS.

func Ipam_FromIpamArn added in v0.0.50 

func Ipam_FromIpamArn(scope constructs.IConstruct, id *string, ipamArn *string) IIpam

Imports an existing IPAM by specifying its Amazon Resource Name (ARN).

Returns: An object representing the imported IPAM.

func Ipam_FromIpamAttributes added in v0.0.50 

func Ipam_FromIpamAttributes(scope constructs.IConstruct, id *string, attrs *IpamAttributes) IIpam

Imports an existing IAPM by explicitly specifying its attributes.

Returns: An object representing the imported IPAM.

func Ipam_FromIpamId added in v0.0.50 

func Ipam_FromIpamId(scope constructs.IConstruct, id *string, ipamId *string) IIpam

Imports an existing IPAM by explicitly specifying its AWS generated ID.

Returns: An object representing the imported IPAM.

type IIpamAllocation added in v0.0.50 

type IIpamAllocation interface {
	IpamAllocationCidr() *string
	IpamAllocationId() *string
}

type IIpamAllocationConfiguration added in v0.0.50 

type IIpamAllocationConfiguration interface {
	Bind(scope constructs.IConstruct) *ResolvedIpamAllocationConfiguration
}

func IpamAllocationConfiguration_Auto added in v0.0.50 

func IpamAllocationConfiguration_Auto() IIpamAllocationConfiguration

func IpamAllocationConfiguration_Cidr added in v0.0.50 

func IpamAllocationConfiguration_Cidr(cidr *string) IIpamAllocationConfiguration

func IpamAllocationConfiguration_Netmask added in v0.0.50 

func IpamAllocationConfiguration_Netmask(length *float64) IIpamAllocationConfiguration

type IIpamPool added in v0.0.50 

type IIpamPool interface {
	awscdk.IResource
	AddChildPool(id *string, options *AddChildPoolOptions) IIpamPool
	AddCidrToPool(id *string, options *AddCidrToPoolOptions) *AddCidrToPoolResult
	AllocateCidrFromPool(id *string, options *AllocateCidrFromPoolOptions) IIpamAllocation
	IpamPoolArn() *string
	IpamPoolDepth() *float64
	IpamPoolId() *string
	IpamPoolIpamArn() *string
	IpamPoolScopeArn() *string
	IpamPoolScopeType() *string
	IpamPoolState() *string
	IpamPoolStateMessage() *string
}

type IIpamPoolCidr added in v0.0.50 

type IIpamPoolCidr interface {
	IpamPoolCidrId() *string
	IpamPoolCidrState() *string
}

type IIpamPoolCidrConfiguration added in v0.0.50 

type IIpamPoolCidrConfiguration interface {
	Bind(scope constructs.IConstruct) *ResolvedIpamPoolCidrConfiguration
	Inline() *bool
}

func IpamPoolCidrConfiguration_Cidr added in v0.0.50 

func IpamPoolCidrConfiguration_Cidr(cidr *string) IIpamPoolCidrConfiguration

func IpamPoolCidrConfiguration_Netmask added in v0.0.50 

func IpamPoolCidrConfiguration_Netmask(length *float64) IIpamPoolCidrConfiguration

type IIpamResourceDiscovery added in v0.0.50 

type IIpamResourceDiscovery interface {
	awscdk.IResource
	AddIpam(id *string, options *IpamProps) IIpam
	AssociateIpam(ipam IIpam) IIpamResourceDiscoveryAssociation
	// The resource discovery ARN.
	IpamResourceDiscoveryArn() *string
	// The resource discovery ID.
	IpamResourceDiscoveryId() *string
	// Defines if the resource discovery is the default.
	//
	// The default resource
	// discovery is the resource discovery automatically created when you create
	// an IPAM.
	IpamResourceDiscoveryIsDefault() awscdk.IResolvable
	// The owner ID.
	IpamResourceDiscoveryOwnerId() *string
	// The resource discovery Region.
	IpamResourceDiscoveryRegion() *string
	// The resource discovery's state.
	//
	// - create-in-progress - Resource discovery is being created.
	// - create-complete - Resource discovery creation is complete.
	// - create-failed - Resource discovery creation has failed.
	// - modify-in-progress - Resource discovery is being modified.
	// - modify-complete - Resource discovery modification is complete.
	// - modify-failed - Resource discovery modification has failed.
	// - delete-in-progress - Resource discovery is being deleted.
	// - delete-complete - Resource discovery deletion is complete.
	// - delete-failed - Resource discovery deletion has failed.
	// - isolate-in-progress - AWS account that created the resource discovery
	// has been removed and the resource discovery is being isolated.
	// - isolate-complete - Resource discovery isolation is complete.
	// - restore-in-progress - AWS account that created the resource discovery
	// and was isolated has been restored.
	IpamResourceDiscoveryState() *string
}

Represents an IPAM resource discovery in AWS.

func IpamResourceDiscovery_FromIpamResourceDiscoveryArn added in v0.0.50 

func IpamResourceDiscovery_FromIpamResourceDiscoveryArn(scope constructs.IConstruct, id *string, ipamResourceDiscoveryArn *string) IIpamResourceDiscovery

Imports an existing IPAM resource discovery by specifying its Amazon Resource Name (ARN).

Returns: An object representing the imported IPAM resource discovery.

func IpamResourceDiscovery_FromIpamResourceDiscoveryAttributes added in v0.0.50 

func IpamResourceDiscovery_FromIpamResourceDiscoveryAttributes(scope constructs.IConstruct, id *string, attrs *IpamResourceDiscoveryAttributes) IIpamResourceDiscovery

Imports an existing IPAM resource discovery by explicitly specifying its attributes.

Returns: An object representing the imported IPAM resource discovery.

func IpamResourceDiscovery_FromIpamResourceDiscoveryId added in v0.0.50 

func IpamResourceDiscovery_FromIpamResourceDiscoveryId(scope constructs.IConstruct, id *string, ipamResourceDiscoveryId *string) IIpamResourceDiscovery

Imports an existing IPAM resource discovery by explicitly specifying its AWS generated ID.

Returns: An object representing the imported IPAM resource discovery.

type IIpamResourceDiscoveryAssociation added in v0.0.50 

type IIpamResourceDiscoveryAssociation interface {
	IpamResourceDiscoveryAssociationArn() *string
	IpamResourceDiscoveryAssociationId() *string
	IpamResourceDiscoveryAssociationIpamArn() *string
	IpamResourceDiscoveryAssociationIpamRegion() *string
	IpamResourceDiscoveryAssociationIsDefault() awscdk.IResolvable
	IpamResourceDiscoveryAssociationOwnerId() *string
	IpamResourceDiscoveryAssociationResourceDiscoveryId() *string
	IpamResourceDiscoveryAssociationResourceDiscoveryStatus() *string
	IpamResourceDiscoveryAssociationState() *string
}

type IIpamScope added in v0.0.50 

type IIpamScope interface {
	// Adds an IPAM pool to the IPAM scope.
	//
	// A pool is a collection of contiguous IP address ranges (or CIDRs). IPAM
	// pools enable you to organize your IP addresses according to your routing
	// and security needs.
	//
	// Returns: The pool that was added to the scope.
	// See: [How IPAM works](https://docs.aws.amazon.com/vpc/latest/ipam/how-it-works-ipam.html)
	//
	AddPool(id *string, options *IpamPoolOptions) IIpamPool
	// The ARN of the scope.
	IpamScopeArn() *string
	// The ID of an IPAM scope.
	IpamScopeId() *string
	// The ARN of an IPAM.
	IpamScopeIpamArn() *string
	// Defines if the scope is the default scope or not.
	IpamScopeIsDefault() awscdk.IResolvable
	// The number of pools in a scope.
	IpamScopePoolCount() *float64
	// The type of the scope.
	IpamScopeType() *string
}

Represents an IPAM scope in AWS.

func IpamScope_FromIpamScopeArn added in v0.0.50 

func IpamScope_FromIpamScopeArn(scope constructs.IConstruct, id *string, ipamScopeArn *string) IIpamScope

Imports an existing IPAM scope by specifying its Amazon Resource Name (ARN).

Returns: An object representing the imported IPAM scope.

func IpamScope_FromIpamScopeAttributes added in v0.0.50 

func IpamScope_FromIpamScopeAttributes(scope constructs.IConstruct, id *string, attrs *IpamScopeAttributes) IIpamScope

Imports an existing IAPM scope by explicitly specifying its attributes.

Returns: An object representing the imported IPAM scope.

func IpamScope_FromIpamScopeId added in v0.0.50 

func IpamScope_FromIpamScopeId(scope constructs.IConstruct, id *string, ipamScopeId *string) IIpamScope

Imports an existing IPAM scope by explicitly specifying its AWS generated ID.

Returns: An object representing the imported IPAM scope.

type ILocalVpnEndpoint added in v0.0.50 

type ILocalVpnEndpoint interface {
	// Produces a configuration that can be used when configuring the local end of a VPN connection.
	Bind(scope constructs.IConstruct) *LocalVpnEndpointConfiguration
}

type ILogDestination 

type ILogDestination interface {
	Bind(scope constructs.IConstruct) *FlowLogDestinationConfig
}

Represents a resource that can act as a deliver endpoint for captured flow logs.

type IRemoteVpnEndpoint added in v0.0.50 

type IRemoteVpnEndpoint interface {
	// Produces a configuration that can be used when configuring the remote end of a VPN connection.
	Bind(scope constructs.IConstruct) *RemoteVpnEndpointConfiguration
}

An object that can be used to retrieve the details for the remote end of a VPN connection.

type ITransitGateway added in v0.0.50 

type ITransitGateway interface {
	constructs.IConstruct
	AddRouteTable(options *TransitGatewayRouteTableOptions) TransitGatewayRouteTable
	AddVpn(id *string, options *VpnAttachmentOptions) VpnConnection
	AttachVpc(vpc awsec2.IVpc, options *VpcAttachmentOptions) TransitGatewayAttachment
	TransitGatewayArn() *string
	TransitGatewayId() *string
}

Represents a transit gateway in AWS.

func TransitGateway_FromTransitGatewayId added in v0.0.50 

func TransitGateway_FromTransitGatewayId(scope constructs.IConstruct, id *string, transitGatewayId *string) ITransitGateway

type ITransitGatewayAttachment added in v0.0.50 

type ITransitGatewayAttachment interface {
	// Adds a route that directs traffic to this transit gateway attachment.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(cidr *string, routeTable ITransitGatewayRouteTable) ITransitGatewayRoute
	// The ARN of the transit gateway attachment.
	TransitGatewayAttachmentArn() *string
	// The ID of the transit gateway attachment.
	TransitGatewayAttachmentId() *string
}

Represents a Transit Gateway Attachment in AWS.

func TransitGatewayAttachment_FromTransitGatewayAttachmentId added in v0.0.50 

func TransitGatewayAttachment_FromTransitGatewayAttachmentId(scope constructs.IConstruct, id *string, transitGatewayAttachmentId *string) ITransitGatewayAttachment

Imports an existing Transit Gateway Attachment using its attachment ID.

Returns: An object representing the imported transit gateway attachment.

type ITransitGatewayPeeringAttachment added in v0.0.50 

type ITransitGatewayPeeringAttachment interface {
	ITransitGatewayAttachment
	// The time the transit gateway peering attachment was created.
	TransitGatewayAttachmentCreationTime() *string
	// The state of the transit gateway peering attachment.
	TransitGatewayAttachmentState() *string
	// The status of the transit gateway peering attachment.
	TransitGatewayAttachmentStatus() *string
	// The status code for the current status of the attachment.
	TransitGatewayAttachmentStatusCode() *string
	// The status message for the current status of the attachment.
	TransitGatewayAttachmentStatusMessage() *string
}

Represents a transit gateway route table in AWS.

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentArn added in v0.0.50 

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentArn(scope constructs.IConstruct, id *string, arn *string) ITransitGatewayPeeringAttachment

Imports an existing transit gateway peering attachment using its ARN.

Returns: An object representing the imported transit gateway peering attachment.

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentAttributes added in v0.0.50 

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentAttributes(scope constructs.IConstruct, id *string, attrs *TransitGatewayPeeringAttachmentImportAttributes) ITransitGatewayPeeringAttachment

Imports an existing transit gateway peering attachment by defining its components.

Returns: An object representing the imported transit gateway peering attachment.

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentId added in v0.0.50 

func TransitGatewayPeeringAttachment_FromTransitGatewayPeeringAttachmentId(scope constructs.IConstruct, id *string, attachmentId *string) ITransitGatewayPeeringAttachment

Imports an existing transit gateway peering attachment using its attachment ID.

Returns: An object representing the imported transit gateway peering attachment.

type ITransitGatewayRoute added in v0.0.50 

type ITransitGatewayRoute interface {
	// The ID of the Transit Gateway Route.
	TransitGatewayRouteId() *string
}

Represents a Transit Gateway Route in AWS.

func TransitGatewayRoute_FromTransitGatewayRouteId added in v0.0.50 

func TransitGatewayRoute_FromTransitGatewayRouteId(scope constructs.IConstruct, id *string, transitGatewayRouteId *string) ITransitGatewayRoute

Imports an existing Transit Gateway Route using its route ID.

Returns: An object representing the imported Transit Gateway route.

type ITransitGatewayRouteTable added in v0.0.50 

type ITransitGatewayRouteTable interface {
	// Adds a route to this transit gateway route table.
	AddRoute(options *TransitGatewayRouteOptions) TransitGatewayRoute
	// The ARN of the transit gateway route table.
	TransitGatewayRouteTableArn() *string
	// The ID of the transit gateway route table.
	TransitGatewayRouteTableId() *string
}

Represents a transit gateway route table in AWS.

func TransitGatewayRouteTable_FromTransitGatewayRouteTableId added in v0.0.50 

func TransitGatewayRouteTable_FromTransitGatewayRouteTableId(scope constructs.IConstruct, id *string, transitGatewayRouteTableId *string) ITransitGatewayRouteTable

Imports an existing transit gateway route table using its route table ID.

Returns: An object representing the imported transit gateway route table.

type Ipam added in v0.0.50 

type Ipam interface {
	awscdk.Resource
	IIpam
	// The IPAM's default private scope.
	DefaultPrivateScope() IIpamScope
	// The IPAM's default public scope.
	DefaultPublicScope() IIpamScope
	// The description for the IPAM.
	// See: [IPAM Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html#cfn-ec2-ipam-description)
	//
	Description() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN of the IPAM.
	IpamArn() *string
	// The ID of the IPAM.
	IpamId() *string
	// The ID of the IPAM's default private scope.
	IpamPrivateDefaultScopeId() *string
	// The ID of the IPAM's default public scope.
	IpamPublicDefaultScopeId() *string
	// The number of scopes in the IPAM.
	//
	// The scope quota is 5.
	IpamScopeCount() *float64
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// An immutable collection of operating Regions for an IPAM.
	//
	// Operating Regions are AWS Regions where the IPAM is allowed to manage IP
	// address CIDRs. IPAM only discovers and monitors resources in the AWS
	// Regions you select as operating Regions.
	// See: [Create an IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html)
	//
	Regions() *[]*string
	// The underlying IPAM CloudFormation resource.
	// See: [AWS::EC2::IPAM](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html)
	//
	Resource() awsec2.CfnIPAM
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Adds an operating region to the IPAM.
	//
	// The operating Regions for an IPAM. Operating Regions are AWS Regions where
	// the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and
	// monitors resources in the AWS Regions you select as operating Regions.
	AddRegion(region *string)
	// Adds an IPAM scope to the IPAM.
	//
	// In IPAM, a scope is the highest-level container within IPAM. Scopes enable
	// you to reuse IP addresses across multiple unconnected networks without
	// causing IP address overlap or conflict.
	//
	// Returns: The scope that was added to the IPAM.
	// See: [How IPAM works](https://docs.aws.amazon.com/vpc/latest/ipam/how-it-works-ipam.html)
	//
	AddScope(id *string, options *IpamScopeOptions) IIpamScope
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Associates an existing IPAM resource discovery with the IPAM.
	//
	// IPAM aggregates the resource CIDRs discovered by the associated resource
	// discovery.
	//
	// Returns: The association resource that handles the association between the
	// IPAM and the resource discovery.
	AssociateResourceDiscovery(resourceDiscovery IIpamResourceDiscovery) IIpamResourceDiscoveryAssociation
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Represents an AWS IP Address Manager.

IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts throughout your AWS Organization. See: [AWS::EC2::IPAM](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html)

func NewIpam added in v0.0.50 

func NewIpam(scope constructs.IConstruct, id *string, props *IpamProps) Ipam

Creates a new instance of the Ipam class.

type IpamAllocation added in v0.0.50 

type IpamAllocation interface {
	awscdk.Resource
	IIpamAllocation
	Allocation() IIpamAllocationConfiguration
	Description() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	IpamAllocationCidr() *string
	IpamAllocationId() *string
	IpamPool() IIpamPool
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	Resource() awsec2.CfnIPAMAllocation
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewIpamAllocation added in v0.0.50 

func NewIpamAllocation(scope constructs.IConstruct, id *string, props *IpamAllocationProps) IpamAllocation

type IpamAllocationConfiguration added in v0.0.50 

type IpamAllocationConfiguration interface {
}

func NewIpamAllocationConfiguration added in v0.0.50 

func NewIpamAllocationConfiguration() IpamAllocationConfiguration

type IpamAllocationOptions added in v0.0.50 

type IpamAllocationOptions struct {
	Allocation  IIpamAllocationConfiguration `field:"optional" json:"allocation" yaml:"allocation"`
	Description *string                      `field:"optional" json:"description" yaml:"description"`
}

type IpamAllocationProps added in v0.0.50 

type IpamAllocationProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region      *string                      `field:"optional" json:"region" yaml:"region"`
	Allocation  IIpamAllocationConfiguration `field:"optional" json:"allocation" yaml:"allocation"`
	Description *string                      `field:"optional" json:"description" yaml:"description"`
	IpamPool    IIpamPool                    `field:"required" json:"ipamPool" yaml:"ipamPool"`
}

type IpamAttributes added in v0.0.50 

type IpamAttributes struct {
	// The Amazon Resource Name (ARN) of the IPAM.
	IpamArn *string `field:"optional" json:"ipamArn" yaml:"ipamArn"`
	// The ID generated by AWS for the IPAM.
	IpamId *string `field:"optional" json:"ipamId" yaml:"ipamId"`
	// The IPAM's default private scope.
	PrivateDefaultScope IIpamScope `field:"optional" json:"privateDefaultScope" yaml:"privateDefaultScope"`
	// The IPAM's default public scope.
	PublicDefaultScope IIpamScope `field:"optional" json:"publicDefaultScope" yaml:"publicDefaultScope"`
	// The number of scopes in the IPAM.
	ScopeCount *float64 `field:"optional" json:"scopeCount" yaml:"scopeCount"`
}

Configuration for importing an existing IPAM.

type IpamConsumer added in v0.0.50 

type IpamConsumer interface {
	Name() *string
}

func IpamConsumer_EC2 added in v0.0.50 

func IpamConsumer_EC2() IpamConsumer

func IpamConsumer_Of added in v0.0.50 

func IpamConsumer_Of(name *string) IpamConsumer

type IpamPool added in v0.0.50 

type IpamPool interface {
	awscdk.Resource
	IIpamPool
	AddressConfiguration() AddressConfiguration
	AutoImport() *bool
	Consumer() IpamConsumer
	Description() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	IpamPoolArn() *string
	IpamPoolDepth() *float64
	IpamPoolId() *string
	IpamPoolIpamArn() *string
	IpamPoolScopeArn() *string
	IpamPoolScopeType() *string
	IpamPoolState() *string
	IpamPoolStateMessage() *string
	IpamScope() IIpamScope
	Locale() *string
	Name() *string
	// The tree node.
	Node() constructs.Node
	ParentPool() IIpamPool
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	PublicIpSource() PublicIpSource
	Resource() awsec2.CfnIPAMPool
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	AddChildPool(id *string, options *AddChildPoolOptions) IIpamPool
	AddCidrToPool(id *string, options *AddCidrToPoolOptions) *AddCidrToPoolResult
	AddTagRestriction(key *string, value *string) IIpamPool
	AllocateCidrFromPool(id *string, options *AllocateCidrFromPoolOptions) IIpamAllocation
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewIpamPool added in v0.0.50 

func NewIpamPool(scope constructs.IConstruct, id *string, props *IpamPoolProps) IpamPool

type IpamPoolCidr added in v0.0.50 

type IpamPoolCidr interface {
	awscdk.Resource
	IIpamPoolCidr
	Configuration() IIpamPoolCidrConfiguration
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	IpamPool() IIpamPool
	IpamPoolCidrId() *string
	IpamPoolCidrState() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	Resource() awsec2.CfnIPAMPoolCidr
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewIpamPoolCidr added in v0.0.50 

func NewIpamPoolCidr(scope constructs.IConstruct, id *string, props *IpamPoolCidrProps) IpamPoolCidr

type IpamPoolCidrConfiguration added in v0.0.50 

type IpamPoolCidrConfiguration interface {
}

func NewIpamPoolCidrConfiguration added in v0.0.50 

func NewIpamPoolCidrConfiguration() IpamPoolCidrConfiguration

type IpamPoolCidrProps added in v0.0.50 

type IpamPoolCidrProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region        *string                    `field:"optional" json:"region" yaml:"region"`
	Configuration IIpamPoolCidrConfiguration `field:"required" json:"configuration" yaml:"configuration"`
	IpamPool      IIpamPool                  `field:"required" json:"ipamPool" yaml:"ipamPool"`
}

type IpamPoolOptions added in v0.0.50 

type IpamPoolOptions struct {
	AddressConfiguration AddressConfiguration `field:"optional" json:"addressConfiguration" yaml:"addressConfiguration"`
	AutoImport           *bool                `field:"optional" json:"autoImport" yaml:"autoImport"`
	Consumer             IpamConsumer         `field:"optional" json:"consumer" yaml:"consumer"`
	Description          *string              `field:"optional" json:"description" yaml:"description"`
	Locale               *string              `field:"optional" json:"locale" yaml:"locale"`
	Name                 *string              `field:"optional" json:"name" yaml:"name"`
	ParentPool           IIpamPool            `field:"optional" json:"parentPool" yaml:"parentPool"`
	ProvisionedCidrs     *[]*string           `field:"optional" json:"provisionedCidrs" yaml:"provisionedCidrs"`
	PublicIpSource       PublicIpSource       `field:"optional" json:"publicIpSource" yaml:"publicIpSource"`
	TagRestrictions      *map[string]*string  `field:"optional" json:"tagRestrictions" yaml:"tagRestrictions"`
}

type IpamPoolProps added in v0.0.50 

type IpamPoolProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region               *string              `field:"optional" json:"region" yaml:"region"`
	AddressConfiguration AddressConfiguration `field:"optional" json:"addressConfiguration" yaml:"addressConfiguration"`
	AutoImport           *bool                `field:"optional" json:"autoImport" yaml:"autoImport"`
	Consumer             IpamConsumer         `field:"optional" json:"consumer" yaml:"consumer"`
	Description          *string              `field:"optional" json:"description" yaml:"description"`
	Locale               *string              `field:"optional" json:"locale" yaml:"locale"`
	Name                 *string              `field:"optional" json:"name" yaml:"name"`
	ParentPool           IIpamPool            `field:"optional" json:"parentPool" yaml:"parentPool"`
	ProvisionedCidrs     *[]*string           `field:"optional" json:"provisionedCidrs" yaml:"provisionedCidrs"`
	PublicIpSource       PublicIpSource       `field:"optional" json:"publicIpSource" yaml:"publicIpSource"`
	TagRestrictions      *map[string]*string  `field:"optional" json:"tagRestrictions" yaml:"tagRestrictions"`
	IpamScope            IIpamScope           `field:"required" json:"ipamScope" yaml:"ipamScope"`
}

type IpamProps added in v0.0.50 

type IpamProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The description for the IPAM.
	// See: [IPAM Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipam.html#cfn-ec2-ipam-description)
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The operating Regions for an IPAM.
	//
	// Operating Regions are AWS Regions where
	// the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and
	// monitors resources in the AWS Regions you select as operating Regions.
	// See: [Create an IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html)
	//
	Regions *[]*string `field:"optional" json:"regions" yaml:"regions"`
}

Configuration for the IPAM resource.

type IpamResourceDiscovery added in v0.0.50 

type IpamResourceDiscovery interface {
	awscdk.Resource
	IIpamResourceDiscovery
	Description() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The resource discovery ARN.
	IpamResourceDiscoveryArn() *string
	// The resource discovery ID.
	IpamResourceDiscoveryId() *string
	// Defines if the resource discovery is the default.
	//
	// The default resource
	// discovery is the resource discovery automatically created when you create
	// an IPAM.
	IpamResourceDiscoveryIsDefault() awscdk.IResolvable
	// The owner ID.
	IpamResourceDiscoveryOwnerId() *string
	// The resource discovery Region.
	IpamResourceDiscoveryRegion() *string
	// The resource discovery's state.
	//
	// - create-in-progress - Resource discovery is being created.
	// - create-complete - Resource discovery creation is complete.
	// - create-failed - Resource discovery creation has failed.
	// - modify-in-progress - Resource discovery is being modified.
	// - modify-complete - Resource discovery modification is complete.
	// - modify-failed - Resource discovery modification has failed.
	// - delete-in-progress - Resource discovery is being deleted.
	// - delete-complete - Resource discovery deletion is complete.
	// - delete-failed - Resource discovery deletion has failed.
	// - isolate-in-progress - AWS account that created the resource discovery
	// has been removed and the resource discovery is being isolated.
	// - isolate-complete - Resource discovery isolation is complete.
	// - restore-in-progress - AWS account that created the resource discovery
	// and was isolated has been restored.
	IpamResourceDiscoveryState() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	Regions() *[]*string
	Resource() awsec2.CfnIPAMResourceDiscovery
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	AddIpam(id *string, options *IpamProps) IIpam
	AddRegion(region *string)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	AssociateIpam(ipam IIpam) IIpamResourceDiscoveryAssociation
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewIpamResourceDiscovery added in v0.0.50 

func NewIpamResourceDiscovery(scope constructs.IConstruct, id *string, props *IpamResourceDiscoveryProps) IpamResourceDiscovery

type IpamResourceDiscoveryAssociation added in v0.0.50 

type IpamResourceDiscoveryAssociation interface {
	awscdk.Resource
	IIpamResourceDiscoveryAssociation
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	Ipam() IIpam
	IpamResourceDiscovery() IIpamResourceDiscovery
	IpamResourceDiscoveryAssociationArn() *string
	IpamResourceDiscoveryAssociationId() *string
	IpamResourceDiscoveryAssociationIpamArn() *string
	IpamResourceDiscoveryAssociationIpamRegion() *string
	IpamResourceDiscoveryAssociationIsDefault() awscdk.IResolvable
	IpamResourceDiscoveryAssociationOwnerId() *string
	IpamResourceDiscoveryAssociationResourceDiscoveryId() *string
	IpamResourceDiscoveryAssociationResourceDiscoveryStatus() *string
	IpamResourceDiscoveryAssociationState() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	Resource() awsec2.CfnIPAMResourceDiscoveryAssociation
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewIpamResourceDiscoveryAssociation added in v0.0.50 

func NewIpamResourceDiscoveryAssociation(scope constructs.IConstruct, id *string, props *IpamResourceDiscoveryAssociationProps) IpamResourceDiscoveryAssociation

type IpamResourceDiscoveryAssociationProps added in v0.0.50 

type IpamResourceDiscoveryAssociationProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region                *string                `field:"optional" json:"region" yaml:"region"`
	Ipam                  IIpam                  `field:"required" json:"ipam" yaml:"ipam"`
	IpamResourceDiscovery IIpamResourceDiscovery `field:"required" json:"ipamResourceDiscovery" yaml:"ipamResourceDiscovery"`
}

type IpamResourceDiscoveryAttributes added in v0.0.50 

type IpamResourceDiscoveryAttributes struct {
	IsDefault            *bool   `field:"optional" json:"isDefault" yaml:"isDefault"`
	OwnerId              *string `field:"optional" json:"ownerId" yaml:"ownerId"`
	Region               *string `field:"optional" json:"region" yaml:"region"`
	ResourceDiscoveryArn *string `field:"optional" json:"resourceDiscoveryArn" yaml:"resourceDiscoveryArn"`
	ResourceDiscoveryId  *string `field:"optional" json:"resourceDiscoveryId" yaml:"resourceDiscoveryId"`
	State                *string `field:"optional" json:"state" yaml:"state"`
}

type IpamResourceDiscoveryProps added in v0.0.50 

type IpamResourceDiscoveryProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region      *string    `field:"optional" json:"region" yaml:"region"`
	Description *string    `field:"optional" json:"description" yaml:"description"`
	Regions     *[]*string `field:"optional" json:"regions" yaml:"regions"`
}

type IpamScope added in v0.0.50 

type IpamScope interface {
	awscdk.Resource
	IIpamScope
	// The description of the scope.
	// See: [IPAMScope Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html#cfn-ec2-ipamscope-description)
	//
	Description() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The IPAM for which you're creating this scope.
	// See: [IPAMScope IpamId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html#cfn-ec2-ipamscope-ipamid)
	//
	Ipam() IIpam
	// The ARN of the scope.
	IpamScopeArn() *string
	// The ID of an IPAM scope.
	IpamScopeId() *string
	// The ARN of an IPAM.
	IpamScopeIpamArn() *string
	// Defines if the scope is the default scope or not.
	IpamScopeIsDefault() awscdk.IResolvable
	// The number of pools in a scope.
	IpamScopePoolCount() *float64
	// The type of the scope.
	IpamScopeType() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying IPAM scope CloudFormation resource.
	// See: [AWS::EC2::IPAMScope](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html)
	//
	Resource() awsec2.CfnIPAMScope
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Adds an IPAM pool to the IPAM scope.
	//
	// A pool is a collection of contiguous IP address ranges (or CIDRs). IPAM
	// pools enable you to organize your IP addresses according to your routing
	// and security needs.
	//
	// Returns: The pool that was added to the scope.
	// See: [How IPAM works](https://docs.aws.amazon.com/vpc/latest/ipam/how-it-works-ipam.html)
	//
	AddPool(id *string, options *IpamPoolOptions) IIpamPool
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Represents an IPAM scope.

In IPAM, a scope is the highest-level container within IPAM. An IPAM contains two default scopes. Each scope represents the IP space for a single network. The private scope is intended for all private IP address space. The public scope is intended for all public IP address space. Scopes enable you to reuse IP addresses across multiple unconnected networks without causing IP address overlap or conflict. See: [AWS::EC2::IPAMScope](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html)

func NewIpamScope added in v0.0.50 

func NewIpamScope(scope constructs.IConstruct, id *string, props *IpamScopeProps) IpamScope

Creates a new instance of the IpamScope class.

type IpamScopeAttributes added in v0.0.50 

type IpamScopeAttributes struct {
	// The IPAM to which the scope belongs.
	Ipam IIpam `field:"optional" json:"ipam" yaml:"ipam"`
	// The Amazon Resource Name (ARN) of the IPAM scope.
	IpamScopeArn *string `field:"optional" json:"ipamScopeArn" yaml:"ipamScopeArn"`
	// The ID generated by AWS for the IPAM scope.
	IpamScopeId *string `field:"optional" json:"ipamScopeId" yaml:"ipamScopeId"`
	// Defines if the scope is the default scope or not.
	IsDefault *bool `field:"optional" json:"isDefault" yaml:"isDefault"`
	// The number of pools in a scope.
	PoolCount *float64 `field:"optional" json:"poolCount" yaml:"poolCount"`
	// The type of the scope.
	ScopeType *string `field:"optional" json:"scopeType" yaml:"scopeType"`
}

Configuration for importing an existing IPAM scope.

type IpamScopeOptions added in v0.0.50 

type IpamScopeOptions struct {
	// The description of the scope.
	// See: [IPAMScope Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html#cfn-ec2-ipamscope-description)
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
}

Optional configuration for the IPAM scope resource.

type IpamScopeProps added in v0.0.50 

type IpamScopeProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The description of the scope.
	// See: [IPAMScope Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html#cfn-ec2-ipamscope-description)
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The IPAM for which you're creating this scope.
	// See: [IPAMScope IpamId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-ipamscope.html#cfn-ec2-ipamscope-ipamid)
	//
	Ipam IIpam `field:"required" json:"ipam" yaml:"ipam"`
}

Configuration for the IPAM scope resource.

type Ipv4ConfigurationOptions added in v0.0.50 

type Ipv4ConfigurationOptions struct {
	DefaultNetmaskLength *float64 `field:"optional" json:"defaultNetmaskLength" yaml:"defaultNetmaskLength"`
	MaxNetmaskLength     *float64 `field:"optional" json:"maxNetmaskLength" yaml:"maxNetmaskLength"`
	MinNetmaskLength     *float64 `field:"optional" json:"minNetmaskLength" yaml:"minNetmaskLength"`
}

type Ipv6ConfigurationOptions added in v0.0.50 

type Ipv6ConfigurationOptions struct {
	DefaultNetmaskLength *float64 `field:"optional" json:"defaultNetmaskLength" yaml:"defaultNetmaskLength"`
	MaxNetmaskLength     *float64 `field:"optional" json:"maxNetmaskLength" yaml:"maxNetmaskLength"`
	MinNetmaskLength     *float64 `field:"optional" json:"minNetmaskLength" yaml:"minNetmaskLength"`
	PubliclyAdvertisable *bool    `field:"optional" json:"publiclyAdvertisable" yaml:"publiclyAdvertisable"`
}

type LocalVpnEndpointConfiguration added in v0.0.50 

type LocalVpnEndpointConfiguration struct {
	// The ID of the transit gateway that serves as the local end of the VPN connection.
	TransitGatewayId *string `field:"optional" json:"transitGatewayId" yaml:"transitGatewayId"`
	// The ID of the VPN gateway that serves as the local end of the VPN connection.
	VpnGatewayId *string `field:"optional" json:"vpnGatewayId" yaml:"vpnGatewayId"`
}

Configuration object containing the vlues needed to configure the local end of a VPN connection.

type NatProvider added in v0.0.50 

type NatProvider interface {
}

func NewNatProvider added in v0.0.50 

func NewNatProvider() NatProvider

type NetmaskLengthOptions added in v0.0.50 

type NetmaskLengthOptions struct {
	DefaultNetmaskLength *float64 `field:"optional" json:"defaultNetmaskLength" yaml:"defaultNetmaskLength"`
	MaxNetmaskLength     *float64 `field:"optional" json:"maxNetmaskLength" yaml:"maxNetmaskLength"`
	MinNetmaskLength     *float64 `field:"optional" json:"minNetmaskLength" yaml:"minNetmaskLength"`
}

type PublicIpSource added in v0.0.50 

type PublicIpSource interface {
	Name() *string
}

func PublicIpSource_AMAZON added in v0.0.50 

func PublicIpSource_AMAZON() PublicIpSource

func PublicIpSource_BYOIP added in v0.0.50 

func PublicIpSource_BYOIP() PublicIpSource

func PublicIpSource_Of added in v0.0.50 

func PublicIpSource_Of(name *string) PublicIpSource

type RemoteVpnEndpointConfiguration added in v0.0.50 

type RemoteVpnEndpointConfiguration struct {
	// The BGP ASN of the customer gateway which is configured with the details of the remote endpoint device.
	CustomerGatewayAsn *float64 `field:"required" json:"customerGatewayAsn" yaml:"customerGatewayAsn"`
	// The ID of the customer gateway which is configured with the details of the remote endpoint device.
	CustomerGatewayId *string `field:"required" json:"customerGatewayId" yaml:"customerGatewayId"`
	// The IP address of the customer gateway which is configured with the details of the remote endpoint device.
	CustomerGatewayIp *string `field:"required" json:"customerGatewayIp" yaml:"customerGatewayIp"`
}

Configuration object containing the vlues needed to configure the remote end of a VPN connection.

type ResolvedIpamAllocationConfiguration added in v0.0.50 

type ResolvedIpamAllocationConfiguration struct {
	Cidr          *string  `field:"optional" json:"cidr" yaml:"cidr"`
	NetmaskLength *float64 `field:"optional" json:"netmaskLength" yaml:"netmaskLength"`
}

type ResolvedIpamPoolCidrConfiguration added in v0.0.50 

type ResolvedIpamPoolCidrConfiguration struct {
	Cidr          *string  `field:"optional" json:"cidr" yaml:"cidr"`
	NetmaskLength *float64 `field:"optional" json:"netmaskLength" yaml:"netmaskLength"`
}

type SharingOptions added in v0.0.50 

type SharingOptions struct {
	AllowExternalPrincipals *bool                   `field:"optional" json:"allowExternalPrincipals" yaml:"allowExternalPrincipals"`
	AutoDiscoverAccounts    *bool                   `field:"optional" json:"autoDiscoverAccounts" yaml:"autoDiscoverAccounts"`
	Principals              *[]ram.ISharedPrincipal `field:"optional" json:"principals" yaml:"principals"`
}

type TieredSubnets added in v0.0.50 

type TieredSubnets interface {
	awsec2.IIpAddresses
	Provider() ICidrProvider
	TierMask() *float64
	// Called by the VPC to retrieve Subnet options from the Ipam  Don't call this directly, the VPC will call it automatically.
	AllocateSubnetsCidr(input *awsec2.AllocateCidrRequest) *awsec2.SubnetIpamOptions
	// Called by the VPC to retrieve VPC options from the Ipam  Don't call this directly, the VPC will call it automatically.
	AllocateVpcCidr() *awsec2.VpcIpamOptions
}

func NewTieredSubnets added in v0.0.50 

func NewTieredSubnets(options *TieredSubnetsOptions) TieredSubnets

type TieredSubnetsOptions added in v0.0.50 

type TieredSubnetsOptions struct {
	Provider ICidrProvider `field:"required" json:"provider" yaml:"provider"`
	TierMask *float64      `field:"optional" json:"tierMask" yaml:"tierMask"`
}

type TransitGateway added in v0.0.50 

type TransitGateway interface {
	awscdk.Resource
	ITransitGateway
	// A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
	//
	// The range is 64512 to 65534 for 16-bit ASNs.
	// See: [TransitGateway.AmazonSideAsn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html#cfn-ec2-transitgateway-amazonsideasn)
	//
	AmazonSideAsn() *float64
	// Enable or disable automatic acceptance of attachment requests.
	//
	// When enabled any new transit gateway attachments that are created in other
	// accounts via a resource share will be accepted automatically. Otherwise,
	// manual intervention will be required to approve all new attachments.
	//
	// This is disabled by default to maintain the highest levels of security,
	// however enabling should be strongly considered as without this full
	// automation of infrastructure will not be possible for cross account
	// setups.
	// See: [Accept a shared attachment](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#tgw-accept-shared-attachment)
	//
	AutoAcceptSharedAttachments() *bool
	// The default route table that got created along with the Transit Gateway.
	//
	// This information is not exposed by CloudFormation. As such, this resource
	// will only be available if the default reoute table ID is passed in.
	DefaultRouteTable() ITransitGatewayRouteTable
	// Enable or disable automatic association with the default association route table.
	//
	// When enabled, all new attachments that are accepted will be automatically
	// associated with the default association route table. By default this is
	// the route table that is created automatically when the transit gateway is
	// created.
	// See: [TransitGateway.DefaultRouteTableAssociation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html#cfn-ec2-transitgateway-defaultroutetableassociation)
	//
	DefaultRouteTableAssociation() *bool
	// The ID of the default route table that was created with the transit gateway.
	//
	// This route table is critical to some transit gateway architectures and is
	// not exposed by CloudFormation.
	//
	// Passing in the ID of the default route table will make an object available
	// that represents it and can be used for further operations.
	DefaultRouteTableId() *string
	// Enable or disable automatic propagation of routes to the default propagation route table.
	//
	// When a new attachment is accepted, the routes associated with that
	// attachment will automatically be added to the default propagation route
	// table. By default this is the route table that is created automatically
	// when the transit gateway is created.
	// See: [Route propagation](https://docs.aws.amazon.com/vpc/latest/tgw/how-transit-gateways-work.html#tgw-route-propagation-overview)
	//
	DefaultRouteTablePropagation() *bool
	// The description of the transit gateway.
	// See: [TransitGateway.Description](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html#cfn-ec2-transitgateway-description)
	//
	Description() *string
	// Enable or disable DNS support.
	//
	// When DNS support is enabled on a transit gateway, VPC DNS resolution in
	// attached VPC's will automatically resolve public IP addresses from other
	// VPC's to their provate IP address equivalent.
	// See: [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw)
	//
	DnsSupport() *bool
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// Indicates whether multicast is enabled on the transit gateway.
	// See: [Multicast reference architectures](https://d1.awsstatic.com/architecture-diagrams/ArchitectureDiagrams/transitgateway_multicast_ra.pdf?did=wp_card&trk=wp_card)
	//
	MulticastSupport() *bool
	// The name of the transit gateway.
	//
	// Used to tag the transit gateway with a name that will be displayed in the
	// AWS VPC console.
	// See: [TransitGateway.Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html#cfn-ec2-transitgateway-tags)
	//
	Name() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying TransitGateway CloudFormation resource.
	// See: [AWS::EC2::TransitGateway](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html)
	//
	Resource() awsec2.CfnTransitGateway
	// The RAM resource share that is used for sharing the transit gateway with other accounts.
	ResourceShare() ram.ResourceShare
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The ARN of this Transit Gateway.
	TransitGatewayArn() *string
	// The ID of this Transit Gateway.
	TransitGatewayId() *string
	// Enable or disable Equal Cost Multipath Protocol support.
	// See: [Achieve ECMP with multiple VPN tunnels](https://aws.amazon.com/premiumsupport/knowledge-center/transit-gateway-ecmp-multiple-tunnels/)
	//
	VpnEcmpSupport() *bool
	AddCidrBlock(cidr *string)
	// Creates a new Transit Gateway Route Table for this Transit Gateway.
	//
	// Returns: The newly created Transit Gateway Route Table.
	AddRouteTable(options *TransitGatewayRouteTableOptions) TransitGatewayRouteTable
	// Creates a new VPN connection that terminates on the AWS side at this Transit Gateway.
	//
	// Returns: The VPN connection that was created.
	AddVpn(id *string, options *VpnAttachmentOptions) VpnConnection
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Creates a new transit gateway peering attachment for this transit gateway.
	//
	// Returns: The newly created TransitGatewayPeeringAttachment.
	AttachPeer(peer ITransitGateway, options *TransitGatewayPeeringAttachmentOptions) TransitGatewayPeeringAttachment
	// Creates a new VPC transit gateway attachment for this transit gateway.
	//
	// Returns: The newly created TransitGatewayAttachment.
	AttachVpc(vpc awsec2.IVpc, options *VpcAttachmentOptions) TransitGatewayAttachment
	EnableSharing(options *SharingOptions) ram.ResourceShare
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewTransitGateway added in v0.0.50 

func NewTransitGateway(scope constructs.Construct, id *string, props *TransitGatewayProps) TransitGateway

Creates a new instance of the Database class.

type TransitGatewayAttachment added in v0.0.50 

type TransitGatewayAttachment interface {
	TransitGatewayAttachmentResource
	// Enables appliance mode on the attachment.
	//
	// When appliance mode is enabled, all traffic flowing between attachments is
	// forwarded to an appliance in a shared VPC to be inspected and processed.
	// See: [Appliance in a shared services VPC](https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-appliance-scenario.html)
	//
	ApplianceModeSupport() *bool
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [TransitGatewayVpcAttachment DnsSupport](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-transitgatewayvpcattachment-options.html#cfn-ec2-transitgatewayvpcattachment-options-dnssupport)
	//
	DnsSupport() *bool
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [IPv6 connectivity with TransitGateway](https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/amazon-vpc-connectivity-options-for-ipv6.html#ipv6-connectivity-with-transit-gateway)
	//
	Ipv6Support() *bool
	// The name of the Transit Gateway Attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayVpcAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-tags)
	//
	Name() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying NamedQuery CloudFormation resource.
	// See: [AWS::EC2::TransitGatewayVpcAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html)
	//
	Resource() awsec2.CfnTransitGatewayAttachment
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The subnets where the attachment should be created.
	//
	// Can select up to one subnet per Availability Zone.
	// See: [TransitGatewayVpcAttachment SubnetIds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-subnetids)
	//
	Subnets() *awsec2.SubnetSelection
	// The transit gateway for which the attachment should be created.
	TransitGateway() ITransitGateway
	// The ARN of this Transit Gateway Attachment.
	TransitGatewayAttachmentArn() *string
	// The ID of this Transit Gateway Attachment.
	TransitGatewayAttachmentId() *string
	// The VPC where the attachment should be created.
	// See: [TransitGatewayVpcAttachment VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-vpcid)
	//
	Vpc() awsec2.IVpc
	// Adds a route that directs traffic to this transit gateway attachment.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(cidr *string, routeTable ITransitGatewayRouteTable) ITransitGatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
	// Translates a boolean input into the strings used by the transit gateway attachment resource to implement boolean values.
	//
	// Returns: The string used to reprersent the input boolean or undefined if
	// the input boolean is undefined.
	TranslateBoolean(val *bool) *string
}

Attaches a VPC to a transit gateway.

If you attach a VPC with a CIDR range that overlaps the CIDR range of a VPC that is already attached, the new VPC CIDR range is not propagated to the default propagation route table.

func NewTransitGatewayAttachment added in v0.0.50 

func NewTransitGatewayAttachment(scope constructs.Construct, id *string, props *TransitGatewayAttachmentProps) TransitGatewayAttachment

Creates a new instance of the TransitGatewayAttachment class.

type TransitGatewayAttachmentBase added in v0.0.50 

type TransitGatewayAttachmentBase interface {
	awscdk.Resource
	ITransitGatewayAttachment
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The ARN of this Transit Gateway Attachment.
	TransitGatewayAttachmentArn() *string
	// The name of this Transit Gateway Attachment.
	TransitGatewayAttachmentId() *string
	// Adds a route that directs traffic to this transit gateway attachment.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(cidr *string, routeTable ITransitGatewayRouteTable) ITransitGatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

A base class providing common functionality between created and imported Transit Gateway Attachments.

type TransitGatewayAttachmentProps added in v0.0.50 

type TransitGatewayAttachmentProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The transit gateway for which the attachment should be created.
	// See: [TransitGatewayVpcAttachment TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-transitgatewayid)
	//
	TransitGateway ITransitGateway `field:"required" json:"transitGateway" yaml:"transitGateway"`
	// The VPC where the attachment should be created.
	// See: [TransitGatewayVpcAttachment VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-vpcid)
	//
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Enables appliance mode on the attachment.
	//
	// When appliance mode is enabled, all traffic flowing between attachments is
	// forwarded to an appliance in a shared VPC to be inspected and processed.
	// See: [Appliance in a shared services VPC](https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-appliance-scenario.html)
	//
	ApplianceModeSupport *bool `field:"optional" json:"applianceModeSupport" yaml:"applianceModeSupport"`
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [TransitGatewayVpcAttachment DnsSupport](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-transitgatewayvpcattachment-options.html#cfn-ec2-transitgatewayvpcattachment-options-dnssupport)
	//
	DnsSupport *bool `field:"optional" json:"dnsSupport" yaml:"dnsSupport"`
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [IPv6 connectivity with TransitGateway](https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/amazon-vpc-connectivity-options-for-ipv6.html#ipv6-connectivity-with-transit-gateway)
	//
	Ipv6Support *bool `field:"optional" json:"ipv6Support" yaml:"ipv6Support"`
	// The name of the Transit Gateway Attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayVpcAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-tags)
	//
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The subnets where the attachment should be created.
	//
	// Can select up to one subnet per Availability Zone.
	// See: [TransitGatewayVpcAttachment SubnetIds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-subnetids)
	//
	Subnets *awsec2.SubnetSelection `field:"optional" json:"subnets" yaml:"subnets"`
}

Configuration for TransitGatewayAttachment resource.

type TransitGatewayAttachmentResource added in v0.0.50 

type TransitGatewayAttachmentResource interface {
	TransitGatewayAttachmentBase
	// Enables appliance mode on the attachment.
	//
	// When appliance mode is enabled, all traffic flowing between attachments is
	// forwarded to an appliance in a shared VPC to be inspected and processed.
	// See: [Appliance in a shared services VPC](https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-appliance-scenario.html)
	//
	ApplianceModeSupport() *bool
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [TransitGatewayVpcAttachment DnsSupport](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-transitgatewayvpcattachment-options.html#cfn-ec2-transitgatewayvpcattachment-options-dnssupport)
	//
	DnsSupport() *bool
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [IPv6 connectivity with TransitGateway](https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/amazon-vpc-connectivity-options-for-ipv6.html#ipv6-connectivity-with-transit-gateway)
	//
	Ipv6Support() *bool
	// The name of the Transit Gateway Attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayVpcAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-tags)
	//
	Name() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The subnets where the attachment should be created.
	//
	// Can select up to one subnet per Availability Zone.
	// See: [TransitGatewayVpcAttachment SubnetIds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-subnetids)
	//
	Subnets() *awsec2.SubnetSelection
	// The transit gateway for which the attachment should be created.
	TransitGateway() ITransitGateway
	// The ARN of this Transit Gateway Attachment.
	TransitGatewayAttachmentArn() *string
	// The ID of this Transit Gateway Attachment.
	TransitGatewayAttachmentId() *string
	// The VPC where the attachment should be created.
	// See: [TransitGatewayVpcAttachment VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-vpcid)
	//
	Vpc() awsec2.IVpc
	// Adds a route that directs traffic to this transit gateway attachment.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(cidr *string, routeTable ITransitGatewayRouteTable) ITransitGatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
	// Translates a boolean input into the strings used by the transit gateway attachment resource to implement boolean values.
	//
	// Returns: The string used to reprersent the input boolean or undefined if
	// the input boolean is undefined.
	TranslateBoolean(val *bool) *string
}

Attaches a VPC to a transit gateway.

If you attach a VPC with a CIDR range that overlaps the CIDR range of a VPC that is already attached, the new VPC CIDR range is not propagated to the default propagation route table.

type TransitGatewayAttachmentResourceProps added in v0.0.50 

type TransitGatewayAttachmentResourceProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The transit gateway for which the attachment should be created.
	// See: [TransitGatewayVpcAttachment TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-transitgatewayid)
	//
	TransitGateway ITransitGateway `field:"required" json:"transitGateway" yaml:"transitGateway"`
	// The VPC where the attachment should be created.
	// See: [TransitGatewayVpcAttachment VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-vpcid)
	//
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// Enables appliance mode on the attachment.
	//
	// When appliance mode is enabled, all traffic flowing between attachments is
	// forwarded to an appliance in a shared VPC to be inspected and processed.
	// See: [Appliance in a shared services VPC](https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-appliance-scenario.html)
	//
	ApplianceModeSupport *bool `field:"optional" json:"applianceModeSupport" yaml:"applianceModeSupport"`
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [TransitGatewayVpcAttachment DnsSupport](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-transitgatewayvpcattachment-options.html#cfn-ec2-transitgatewayvpcattachment-options-dnssupport)
	//
	DnsSupport *bool `field:"optional" json:"dnsSupport" yaml:"dnsSupport"`
	// Enables DNS support for the attachment.
	//
	// With DNS Support enabled public DNS names that resolve to a connected VPC
	// will be translated to private IP addresses when resolved in a connected VPC.
	// See: [IPv6 connectivity with TransitGateway](https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/amazon-vpc-connectivity-options-for-ipv6.html#ipv6-connectivity-with-transit-gateway)
	//
	Ipv6Support *bool `field:"optional" json:"ipv6Support" yaml:"ipv6Support"`
	// The name of the Transit Gateway Attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayVpcAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-tags)
	//
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The subnets where the attachment should be created.
	//
	// Can select up to one subnet per Availability Zone.
	// See: [TransitGatewayVpcAttachment SubnetIds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayvpcattachment.html#cfn-ec2-transitgatewayvpcattachment-subnetids)
	//
	Subnets *awsec2.SubnetSelection `field:"optional" json:"subnets" yaml:"subnets"`
}

Configuration for TransitGatewayAttachmentResource resource.

type TransitGatewayLocalVpnEndpoint added in v0.0.50 

type TransitGatewayLocalVpnEndpoint interface {
	ILocalVpnEndpoint
	// The transit gateway that serves as the local end of a VPN connection.
	TransitGateway() ITransitGateway
	// Produces a configuration that can be used when configuring the local end of a VPN connection.
	Bind(_scope constructs.IConstruct) *LocalVpnEndpointConfiguration
}

Specifies a VPN connection endpoint which routes to a transit gateway on the AWS side.

func NewTransitGatewayLocalVpnEndpoint added in v0.0.50 

func NewTransitGatewayLocalVpnEndpoint(transitGateway ITransitGateway) TransitGatewayLocalVpnEndpoint

Creates a new instance of the TransitGatewayLocalVpnEndpoint class.

func VpnConnectionLocalEndpoint_FromTransitGateway added in v0.0.50 

func VpnConnectionLocalEndpoint_FromTransitGateway(transitGateway ITransitGateway) TransitGatewayLocalVpnEndpoint

type TransitGatewayNatProvider added in v0.0.50 

type TransitGatewayNatProvider interface {
	awsec2.NatProvider
	// Return list of gateways spawned by the provider.
	ConfiguredGateways() *[]*awsec2.GatewayConfig
	TransitGateway() ITransitGateway
	TransitGatewayAttachment() TransitGatewayAttachment
	// Called by the VPC to configure NAT  Don't call this directly, the VPC will call it automatically.
	ConfigureNat(options *awsec2.ConfigureNatOptions)
	// Configures subnet with the gateway  Don't call this directly, the VPC will call it automatically.
	ConfigureSubnet(subnet awsec2.PrivateSubnet)
}

func NewTransitGatewayNatProvider added in v0.0.50 

func NewTransitGatewayNatProvider(options *TransitGatewayNatProviderOptions) TransitGatewayNatProvider

type TransitGatewayNatProviderOptions added in v0.0.50 

type TransitGatewayNatProviderOptions struct {
	TransitGateway ITransitGateway `field:"required" json:"transitGateway" yaml:"transitGateway"`
}

type TransitGatewayPeeringAttachment added in v0.0.50 

type TransitGatewayPeeringAttachment interface {
	TransitGatewayAttachmentBase
	ITransitGatewayPeeringAttachment
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The local side of the transit gateway peering connection.
	// See: [TransitGatewayPeeringAttachment TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-transitgatewayid)
	//
	LocalTransitGateway() ITransitGateway
	// The name of the transit gateway peering attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayPeeringAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-tags)
	//
	Name() *string
	// The tree node.
	Node() constructs.Node
	// The account that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerAccountId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peeraccountid)
	//
	PeerAccountId() *string
	// The region that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerRegion](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peerregion)
	//
	PeerRegion() *string
	// The remote transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerTransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peertransitgatewayid)
	//
	PeerTransitGateway() ITransitGateway
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying TransitGatewayRouteTable CloudFormation resource.
	// See: [AWS::EC2::TransitGatewayRouteTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html)
	//
	Resource() awsec2.CfnTransitGatewayPeeringAttachment
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The ARN of this transit gateway peering attachment.
	TransitGatewayAttachmentArn() *string
	// The time the transit gateway peering attachment was created.
	TransitGatewayAttachmentCreationTime() *string
	// The ID of this transit gateway peering attachment.
	TransitGatewayAttachmentId() *string
	// The state of the transit gateway peering attachment.
	TransitGatewayAttachmentState() *string
	// The status of the transit gateway peering attachment.
	TransitGatewayAttachmentStatus() *string
	// The status code for the current status of the attachment.
	TransitGatewayAttachmentStatusCode() *string
	// The status message for the current status of the attachment.
	TransitGatewayAttachmentStatusMessage() *string
	// Adds a route that directs traffic to this transit gateway attachment.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(cidr *string, routeTable ITransitGatewayRouteTable) ITransitGatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Requests a transit gateway peering attachment between the specified transit gateway (requester) and a peer transit gateway (accepter).

The peer transit gateway can be in your account or a different AWS account.

After you create the peering attachment, the owner of the accepter transit gateway must accept the attachment request. See: [AWS::EC2::TransitGatewayPeeringAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html)

func NewTransitGatewayPeeringAttachment added in v0.0.50 

func NewTransitGatewayPeeringAttachment(scope constructs.Construct, id *string, props *TransitGatewayPeeringAttachmentProps) TransitGatewayPeeringAttachment

Creates a new instance of the TransitGatewayPeeringAttachment class.

type TransitGatewayPeeringAttachmentImportAttributes added in v0.0.50 

type TransitGatewayPeeringAttachmentImportAttributes struct {
	// The ARN of this Transit Gateway Attachment.
	Arn *string `field:"optional" json:"arn" yaml:"arn"`
	// The ID of this Transit Gateway Attachment.
	AttachmentId *string `field:"optional" json:"attachmentId" yaml:"attachmentId"`
	// The time the transit gateway peering attachment was created.
	CreationTime *string `field:"optional" json:"creationTime" yaml:"creationTime"`
	// The state of the transit gateway peering attachment.
	State *string `field:"optional" json:"state" yaml:"state"`
	// The status of the transit gateway peering attachment.
	Status *string `field:"optional" json:"status" yaml:"status"`
	// The status code for the current status of the attachment.
	StatusCode *string `field:"optional" json:"statusCode" yaml:"statusCode"`
	// The status message for the current status of the attachment.
	StatusMessage *string `field:"optional" json:"statusMessage" yaml:"statusMessage"`
}

Configuration options for importing a transit gateway peering attachment.

type TransitGatewayPeeringAttachmentOptions added in v0.0.50 

type TransitGatewayPeeringAttachmentOptions struct {
	// The name of the transit gateway peering attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayPeeringAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-tags)
	//
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The account that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerAccountId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peeraccountid)
	//
	PeerAccountId *string `field:"optional" json:"peerAccountId" yaml:"peerAccountId"`
	// The region that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerRegion](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peerregion)
	//
	PeerRegion *string `field:"optional" json:"peerRegion" yaml:"peerRegion"`
}

Optional configuration for TransitGatewayPeeringAttachment resource.

type TransitGatewayPeeringAttachmentProps added in v0.0.50 

type TransitGatewayPeeringAttachmentProps struct {
	// The name of the transit gateway peering attachment.
	//
	// Used to tag the attachment with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayPeeringAttachment Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-tags)
	//
	Name *string `field:"optional" json:"name" yaml:"name"`
	// The account that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerAccountId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peeraccountid)
	//
	PeerAccountId *string `field:"optional" json:"peerAccountId" yaml:"peerAccountId"`
	// The region that contains the transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerRegion](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peerregion)
	//
	PeerRegion *string `field:"optional" json:"peerRegion" yaml:"peerRegion"`
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The local side of the transit gateway peering connection.
	// See: [TransitGatewayPeeringAttachment TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-transitgatewayid)
	//
	LocalTransitGateway ITransitGateway `field:"required" json:"localTransitGateway" yaml:"localTransitGateway"`
	// The remote transit gateway being peered with.
	// See: [TransitGatewayPeeringAttachment PeerTransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewaypeeringattachment.html#cfn-ec2-transitgatewaypeeringattachment-peertransitgatewayid)
	//
	PeerTransitGateway ITransitGateway `field:"required" json:"peerTransitGateway" yaml:"peerTransitGateway"`
}

Configuration for TransitGatewayPeeringAttachment resource.

type TransitGatewayProps added in v0.0.50 

type TransitGatewayProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region                       *string    `field:"optional" json:"region" yaml:"region"`
	AmazonSideAsn                *float64   `field:"optional" json:"amazonSideAsn" yaml:"amazonSideAsn"`
	AutoAcceptSharedAttachments  *bool      `field:"optional" json:"autoAcceptSharedAttachments" yaml:"autoAcceptSharedAttachments"`
	CidrBlocks                   *[]*string `field:"optional" json:"cidrBlocks" yaml:"cidrBlocks"`
	DefaultRouteTableAssociation *bool      `field:"optional" json:"defaultRouteTableAssociation" yaml:"defaultRouteTableAssociation"`
	DefaultRouteTableId          *string    `field:"optional" json:"defaultRouteTableId" yaml:"defaultRouteTableId"`
	DefaultRouteTablePropagation *bool      `field:"optional" json:"defaultRouteTablePropagation" yaml:"defaultRouteTablePropagation"`
	Description                  *string    `field:"optional" json:"description" yaml:"description"`
	DnsSupport                   *bool      `field:"optional" json:"dnsSupport" yaml:"dnsSupport"`
	MulticastSupport             *bool      `field:"optional" json:"multicastSupport" yaml:"multicastSupport"`
	Name                         *string    `field:"optional" json:"name" yaml:"name"`
	VpnEcmpSupport               *bool      `field:"optional" json:"vpnEcmpSupport" yaml:"vpnEcmpSupport"`
}

Configuration for TransitGateway resource.

type TransitGatewayRoute added in v0.0.50 

type TransitGatewayRoute interface {
	awscdk.Resource
	Attachment() ITransitGatewayAttachment
	Blackhole() *bool
	Cidr() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	Resource() awsec2.CfnTransitGatewayRoute
	RouteTable() ITransitGatewayRouteTable
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	TransitGatewayRouteId() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Adds a routing rule for a transit gateway route table.

func NewTransitGatewayRoute added in v0.0.50 

func NewTransitGatewayRoute(scope constructs.Construct, id *string, props *TransitGatewayRouteProps) TransitGatewayRoute

Creates a new instance of the TransitGatewayAttachment class.

type TransitGatewayRouteOptions added in v0.0.50 

type TransitGatewayRouteOptions struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The CIDR range to match for the route.
	Cidr *string `field:"required" json:"cidr" yaml:"cidr"`
	// The transit gateway attachment where matched traffic should be routed.
	Attachment ITransitGatewayAttachment `field:"optional" json:"attachment" yaml:"attachment"`
	// Whether the traffic should be black holed (discarded) rather than being routed to an attachment.
	Blackhole *bool `field:"optional" json:"blackhole" yaml:"blackhole"`
}

Options for adding a route to a transit gateway route table.

type TransitGatewayRouteProps added in v0.0.50 

type TransitGatewayRouteProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region     *string                   `field:"optional" json:"region" yaml:"region"`
	Cidr       *string                   `field:"required" json:"cidr" yaml:"cidr"`
	RouteTable ITransitGatewayRouteTable `field:"required" json:"routeTable" yaml:"routeTable"`
	Attachment ITransitGatewayAttachment `field:"optional" json:"attachment" yaml:"attachment"`
	Blackhole  *bool                     `field:"optional" json:"blackhole" yaml:"blackhole"`
}

Configuration for TransitGatewayRoute resource.

type TransitGatewayRouteTable added in v0.0.50 

type TransitGatewayRouteTable interface {
	awscdk.Resource
	ITransitGatewayRouteTable
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The name of the transit gateway route table.
	//
	// Used to tag the route table with a name that will be displayed in the AWS
	// EC2 console.
	// See: [TransitGatewayRouteTable Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-tags)
	//
	Name() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The underlying TransitGatewayRouteTable CloudFormation resource.
	// See: [AWS::EC2::TransitGatewayRouteTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html)
	//
	Resource() awsec2.CfnTransitGatewayRouteTable
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The transit gateway for which the route table should be created.
	// See: [TransitGatewayRouteTable TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-transitgatewayid)
	//
	TransitGateway() ITransitGateway
	// The ARN of this transit gateway route table.
	TransitGatewayRouteTableArn() *string
	// The ID of this transit gateway route table.
	TransitGatewayRouteTableId() *string
	// Adds a route to this transit gateway route table.
	//
	// Returns: The TransitGatewayRoute that was added.
	AddRoute(options *TransitGatewayRouteOptions) TransitGatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Creates a route table for traffic being processed by a transit gateway.

When traffic is routed to a transit gateway via an attachment, the route table associated with that attachment is used when evaluating how the inbound traffic should be routed. See: [AWS::EC2::TransitGatewayRouteTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html)

func NewTransitGatewayRouteTable added in v0.0.50 

func NewTransitGatewayRouteTable(scope constructs.Construct, id *string, props *TransitGatewayRouteTableProps) TransitGatewayRouteTable

Creates a new instance of the TransitGatewayRouteTable class.

type TransitGatewayRouteTableOptions added in v0.0.50 

type TransitGatewayRouteTableOptions struct {
	Name *string `field:"optional" json:"name" yaml:"name"`
}

type TransitGatewayRouteTableProps added in v0.0.50 

type TransitGatewayRouteTableProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// The transit gateway for which the route table should be created.
	// See: [TransitGatewayRouteTable TransitGatewayId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-transitgatewayid)
	//
	TransitGateway ITransitGateway `field:"required" json:"transitGateway" yaml:"transitGateway"`
	// The name of the transit gateway route table.
	//
	// Used to tag the route table with a name that will be displayed in the AWS
	// VPC console.
	// See: [TransitGatewayRouteTable Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-tags)
	//
	Name *string `field:"optional" json:"name" yaml:"name"`
}

Configuration for TransitGatewayRouteTable resource.

type TunnelOptions added in v0.0.50 

type TunnelOptions struct {
	InsideCidr   *string            `field:"optional" json:"insideCidr" yaml:"insideCidr"`
	PreSharedKey awscdk.SecretValue `field:"optional" json:"preSharedKey" yaml:"preSharedKey"`
}

type VpcAttachmentOptions added in v0.0.50 

type VpcAttachmentOptions struct {
	Name    *string                 `field:"optional" json:"name" yaml:"name"`
	Subnets *awsec2.SubnetSelection `field:"optional" json:"subnets" yaml:"subnets"`
}

type VpnAttachmentOptions added in v0.0.50 

type VpnAttachmentOptions struct {
	RemoteEndpoint       IRemoteVpnEndpoint `field:"required" json:"remoteEndpoint" yaml:"remoteEndpoint"`
	ConnectionType       VpnConnectionType  `field:"optional" json:"connectionType" yaml:"connectionType"`
	StaticRoutesOnly     *bool              `field:"optional" json:"staticRoutesOnly" yaml:"staticRoutesOnly"`
	TunnelConfigurations *[]*TunnelOptions  `field:"optional" json:"tunnelConfigurations" yaml:"tunnelConfigurations"`
}

type VpnConnection added in v0.0.50 

type VpnConnection interface {
	awscdk.Resource
	awsec2.IVpnConnection
	ConnectionType() VpnConnectionType
	// The ASN of the customer gateway.
	CustomerGatewayAsn() *float64
	// The id of the customer gateway.
	CustomerGatewayId() *string
	// The ip address of the customer gateway.
	CustomerGatewayIp() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	LocalEndpoint() ILocalVpnEndpoint
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	RemoteEndpoint() IRemoteVpnEndpoint
	Resource() awsec2.CfnVPNConnection
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	StaticRoutesOnly() *bool
	TunnelConfigurations() *[]*TunnelOptions
	// The id of the VPN connection.
	VpnId() *string
	AddTunnelConfiguration(options *TunnelOptions)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Return the given named metric for this VPNConnection.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The bytes received through the VPN tunnel.
	//
	// Sum over 5 minutes.
	MetricTunnelDataIn(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The bytes sent through the VPN tunnel.
	//
	// Sum over 5 minutes.
	MetricTunnelDataOut(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The state of the tunnel.
	//
	// 0 indicates DOWN and 1 indicates UP.
	//
	// Average over 5 minutes.
	MetricTunnelState(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
}

Specifies a VPN connection between a virtual private gateway and a VPN customer gateway or a transit gateway and a VPN customer gateway.

func NewVpnConnection added in v0.0.50 

func NewVpnConnection(scope constructs.Construct, id *string, props *VpnConnectionProps) VpnConnection

Creates a new instance of the TransitGatewayAttachment class.

type VpnConnectionLocalEndpoint added in v0.0.50 

type VpnConnectionLocalEndpoint interface {
}

Provides options for specifying the local side of a VPN connection.

func NewVpnConnectionLocalEndpoint added in v0.0.50 

func NewVpnConnectionLocalEndpoint() VpnConnectionLocalEndpoint

type VpnConnectionProps added in v0.0.50 

type VpnConnectionProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region               *string            `field:"optional" json:"region" yaml:"region"`
	LocalEndpoint        ILocalVpnEndpoint  `field:"required" json:"localEndpoint" yaml:"localEndpoint"`
	RemoteEndpoint       IRemoteVpnEndpoint `field:"required" json:"remoteEndpoint" yaml:"remoteEndpoint"`
	ConnectionType       VpnConnectionType  `field:"optional" json:"connectionType" yaml:"connectionType"`
	StaticRoutesOnly     *bool              `field:"optional" json:"staticRoutesOnly" yaml:"staticRoutesOnly"`
	TunnelConfigurations *[]*TunnelOptions  `field:"optional" json:"tunnelConfigurations" yaml:"tunnelConfigurations"`
}

Configuration for the VpnConnection resource.

type VpnConnectionRemoteEndpoint added in v0.0.50 

type VpnConnectionRemoteEndpoint interface {
}

Provides options for specifying the remote side of a VPN connection.

func NewVpnConnectionRemoteEndpoint added in v0.0.50 

func NewVpnConnectionRemoteEndpoint() VpnConnectionRemoteEndpoint

type VpnConnectionType added in v0.0.50 

type VpnConnectionType interface {
	// The name of the VPN protocol.
	Name() *string
}

Represents a VPN protocol that can be used to establish a connection.

func VpnConnectionType_IPSEC_1 added in v0.0.50 

func VpnConnectionType_IPSEC_1() VpnConnectionType

func VpnConnectionType_Of added in v0.0.50 

func VpnConnectionType_Of(name *string) VpnConnectionType

An escape hatch method that allows defining custom VPN protocols.

Returns: A VpnConnectionType object representing the specified protocol.

type VpnGatewayLocalVpnEndpoint added in v0.0.50 

type VpnGatewayLocalVpnEndpoint interface {
	ILocalVpnEndpoint
	// The VPN gateway that serves as the local end of a VPN connection.
	VpnGateway() awsec2.IVpnGateway
	// Produces a configuration that can be used when configuring the local end of a VPN connection.
	Bind(_scope constructs.IConstruct) *LocalVpnEndpointConfiguration
}

Specifies a VPN connection endpoint which routes to a VPN gateway on the AWS side.

func NewVpnGatewayLocalVpnEndpoint added in v0.0.50 

func NewVpnGatewayLocalVpnEndpoint(vpnGateway awsec2.IVpnGateway) VpnGatewayLocalVpnEndpoint

Creates a new instance of the VpnGatewayLocalVpnEndpoint class.

func VpnConnectionLocalEndpoint_FromVpnGateway added in v0.0.50 

func VpnConnectionLocalEndpoint_FromVpnGateway(vpnGateway awsec2.IVpnGateway) VpnGatewayLocalVpnEndpoint

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.