daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d68ddab8a28f82e6f70c50cd97ba866ae608740e
agent-claw/cdk/node_modules/aws-cdk-lib/aws-ec2/lib/nat.d.ts
daniel 732b00fb66 agent-claw: automated task changes
2026-05-06 18:55:16 -05:00

315 lines
11 KiB
TypeScript
Raw Blame History

import type { IConnectable } from './connections';
import { Connections } from './connections';
import { Instance } from './instance';
import type { InstanceType } from './instance-types';
import type { IKeyPair } from './key-pair';
import type { CpuCredits } from './launch-template';
import type { IMachineImage } from './machine-image';
import { LookupMachineImage } from './machine-image';
import type { ISecurityGroup } from './security-group';
import { UserData } from './user-data';
import type { PrivateSubnet, PublicSubnet, Vpc } from './vpc';
/**
* Direction of traffic to allow all by default.
*/
export declare enum NatTrafficDirection {
/**
* Allow all outbound traffic and disallow all inbound traffic.
*/
OUTBOUND_ONLY = "OUTBOUND_ONLY",
/**
* Allow all outbound and inbound traffic.
*/
INBOUND_AND_OUTBOUND = "INBOUND_AND_OUTBOUND",
/**
* Disallow all outbound and inbound traffic.
*/
NONE = "NONE"
}
/**
* Pair represents a gateway created by NAT Provider
*/
export interface GatewayConfig {
/**
* Availability Zone
*/
readonly az: string;
/**
* Identity of gateway spawned by the provider
*/
readonly gatewayId: string;
}
/**
* NAT providers
*
* Determines what type of NAT provider to create, either NAT gateways or NAT
* instance.
*
*
*/
export declare abstract class NatProvider {
/**
* Use NAT Gateways to provide NAT services for your VPC
*
* NAT gateways are managed by AWS.
*
* @see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
*/
static gateway(props?: NatGatewayProps): NatProvider;
/**
* Use NAT instances to provide NAT services for your VPC
*
* NAT instances are managed by you, but in return allow more configuration.
*
* Be aware that instances created using this provider will not be
* automatically replaced if they are stopped for any reason. You should implement
* your own NatProvider based on AutoScaling groups if you need that.
*
* @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html
*
* @deprecated use instanceV2. 'instance' is deprecated since NatInstanceProvider
* uses a instance image that has reached EOL on Dec 31 2023
*/
static instance(props: NatInstanceProps): NatInstanceProvider;
/**
* Use NAT instances to provide NAT services for your VPC
*
* NAT instances are managed by you, but in return allow more configuration.
*
* Be aware that instances created using this provider will not be
* automatically replaced if they are stopped for any reason. You should implement
* your own NatProvider based on AutoScaling groups if you need that.
*
* @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html
*/
static instanceV2(props: NatInstanceProps): NatInstanceProviderV2;
/**
* Return list of gateways spawned by the provider
*/
abstract readonly configuredGateways: GatewayConfig[];
/**
* Called by the VPC to configure NAT
*
* Don't call this directly, the VPC will call it automatically.
*/
abstract configureNat(options: ConfigureNatOptions): void;
/**
* Configures subnet with the gateway
*
* Don't call this directly, the VPC will call it automatically.
*/
abstract configureSubnet(subnet: PrivateSubnet): void;
}
/**
* Options passed by the VPC when NAT needs to be configured
*
*
*/
export interface ConfigureNatOptions {
/**
* The VPC we're configuring NAT for
*/
readonly vpc: Vpc;
/**
* The public subnets where the NAT providers need to be placed
*/
readonly natSubnets: PublicSubnet[];
/**
* The private subnets that need to route through the NAT providers.
*
* There may be more private subnets than public subnets with NAT providers.
*/
readonly privateSubnets: PrivateSubnet[];
}
/**
* Properties for a NAT gateway
*
*/
export interface NatGatewayProps {
/**
* EIP allocation IDs for the NAT gateways
*
* @default - No fixed EIPs allocated for the NAT gateways
*/
readonly eipAllocationIds?: string[];
}
/**
* Properties for a NAT instance
*
*
*/
export interface NatInstanceProps {
/**
* The machine image (AMI) to use
*
* By default, will do an AMI lookup for the latest NAT instance image.
*
* If you have a specific AMI ID you want to use, pass a `GenericLinuxImage`. For example:
*
* ```ts
* ec2.NatProvider.instance({
* instanceType: new ec2.InstanceType('t3.micro'),
* machineImage: new ec2.GenericLinuxImage({
* 'us-east-2': 'ami-0f9c61b5a562a16af'
* })
* })
* ```
*
* @default - Latest NAT instance image
*/
readonly machineImage?: IMachineImage;
/**
* Instance type of the NAT instance
*/
readonly instanceType: InstanceType;
/**
* Whether to associate a public IP address to the primary network interface attached to this instance.
*
* @default undefined - No public IP address associated
*/
readonly associatePublicIpAddress?: boolean;
/**
* Name of SSH keypair to grant access to instance
*
* @default - No SSH access will be possible.
* @deprecated - Use `keyPair` instead - https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ec2-readme.html#using-an-existing-ec2-key-pair
*/
readonly keyName?: string;
/**
* The SSH keypair to grant access to the instance.
*
* @default - No SSH access will be possible.
*/
readonly keyPair?: IKeyPair;
/**
* Security Group for NAT instances
*
* @default - A new security group will be created
* @deprecated - Cannot create a new security group before the VPC is created,
* and cannot create the VPC without the NAT provider.
* Set {@link defaultAllowedTraffic} to {@link NatTrafficDirection.NONE}
* and use {@link NatInstanceProviderV2.gatewayInstances} to retrieve
* the instances on the fly and add security groups
*
* @example
* const natGatewayProvider = ec2.NatProvider.instanceV2({
* instanceType: new ec2.InstanceType('t3.small'),
* defaultAllowedTraffic: ec2.NatTrafficDirection.NONE,
* });
* const vpc = new ec2.Vpc(this, 'Vpc', { natGatewayProvider });
*
* const securityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', {
* vpc,
* allowAllOutbound: false,
* });
* securityGroup.addEgressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(443));
* for (const gatewayInstance of natGatewayProvider.gatewayInstances) {
* gatewayInstance.addSecurityGroup(securityGroup);
* }
*/
readonly securityGroup?: ISecurityGroup;
/**
* Direction to allow all traffic through the NAT instance by default.
*
* By default, inbound and outbound traffic is allowed.
*
* If you set this to another value than INBOUND_AND_OUTBOUND, you must
* configure the NAT instance's security groups in another way, either by
* passing in a fully configured Security Group using the `securityGroup`
* property, or by configuring it using the `.securityGroup` or
* `.connections` members after passing the NAT Instance Provider to a Vpc.
*
* @default NatTrafficDirection.INBOUND_AND_OUTBOUND
*/
readonly defaultAllowedTraffic?: NatTrafficDirection;
/**
* Specifying the CPU credit type for burstable EC2 instance types (T2, T3, T3a, etc).
* The unlimited CPU credit option is not supported for T3 instances with dedicated host (`host`) tenancy.
*
* @default - T2 instances are standard, while T3, T4g, and T3a instances are unlimited.
*/
readonly creditSpecification?: CpuCredits;
/**
* Custom user data to run on the NAT instances
*
* @default UserData.forLinux().addCommands(...NatInstanceProviderV2.DEFAULT_USER_DATA_COMMANDS); - Appropriate user data commands to initialize and configure the NAT instances
* @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#create-nat-ami
*/
readonly userData?: UserData;
}
/**
* Provider for NAT Gateways
*/
export declare class NatGatewayProvider extends NatProvider {
private readonly props;
private gateways;
constructor(props?: NatGatewayProps);
configureNat(options: ConfigureNatOptions): void;
configureSubnet(subnet: PrivateSubnet): void;
get configuredGateways(): GatewayConfig[];
}
/**
* NAT provider which uses NAT Instances
*
* @deprecated use NatInstanceProviderV2. NatInstanceProvider is deprecated since
* the instance image used has reached EOL on Dec 31 2023
*/
export declare class NatInstanceProvider extends NatProvider implements IConnectable {
private readonly props;
private gateways;
private _securityGroup?;
private _connections?;
constructor(props: NatInstanceProps);
configureNat(options: ConfigureNatOptions): void;
/**
* The Security Group associated with the NAT instances
*/
get securityGroup(): ISecurityGroup;
/**
* Manage the Security Groups associated with the NAT instances
*/
get connections(): Connections;
get configuredGateways(): GatewayConfig[];
configureSubnet(subnet: PrivateSubnet): void;
}
/**
* Modern NAT provider which uses NAT Instances.
* The instance uses Amazon Linux 2023 as the operating system.
*/
export declare class NatInstanceProviderV2 extends NatProvider implements IConnectable {
private readonly props;
/**
* Amazon Linux 2023 NAT instance user data commands
* Enable iptables on the instance, enable persistent IP forwarding, configure NAT on instance
* @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html#create-nat-ami
*/
static readonly DEFAULT_USER_DATA_COMMANDS: string[];
private gateways;
private _securityGroup?;
private _connections?;
/**
* Array of gateway instances spawned by the provider after internal configuration
*/
get gatewayInstances(): Instance[];
constructor(props: NatInstanceProps);
configureNat(options: ConfigureNatOptions): void;
/**
* The Security Group associated with the NAT instances
*/
get securityGroup(): ISecurityGroup;
/**
* Manage the Security Groups associated with the NAT instances
*/
get connections(): Connections;
get configuredGateways(): GatewayConfig[];
configureSubnet(subnet: PrivateSubnet): void;
}
/**
* Machine image representing the latest NAT instance image
*
*
*/
export declare class NatInstanceImage extends LookupMachineImage {
constructor();
}
Reference in New Issue View Git Blame Copy Permalink