UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

115 lines (114 loc) 3.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
import { Construct } from 'constructs'; import { ArnPrincipal } from '../../aws-iam'; import { IResource, Resource } from '../../core'; /** * A load balancer that can host a VPC Endpoint Service * */ export interface IVpcEndpointServiceLoadBalancer { /** * The ARN of the load balancer that hosts the VPC Endpoint Service * * @attribute */ readonly loadBalancerArn: string; } /** * A VPC endpoint service. * */ export interface IVpcEndpointService extends IResource { /** * The service name of the VPC Endpoint Service that clients use to connect to, * like com.amazonaws.vpce.<region>.vpce-svc-xxxxxxxxxxxxxxxx * * @attribute */ readonly vpcEndpointServiceName: string; /** * The id of the VPC Endpoint Service that clients use to connect to, * like vpce-svc-xxxxxxxxxxxxxxxx * * @attribute */ readonly vpcEndpointServiceId: string; } /** * A VPC endpoint service * @resource AWS::EC2::VPCEndpointService * */ export declare class VpcEndpointService extends Resource implements IVpcEndpointService { /** * The default value for a VPC Endpoint Service name prefix, useful if you do * not have a synthesize-time region literal available (all you have is * `{ "Ref": "AWS::Region" }`) */ static readonly DEFAULT_PREFIX = "com.amazonaws.vpce"; /** * One or more network load balancers to host the service. * @attribute */ readonly vpcEndpointServiceLoadBalancers: IVpcEndpointServiceLoadBalancer[]; /** * Whether to require manual acceptance of new connections to the service. * */ readonly acceptanceRequired: boolean; /** * Whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink. * */ readonly contributorInsightsEnabled?: boolean; /** * One or more Principal ARNs to allow inbound connections to. * */ readonly allowedPrincipals: ArnPrincipal[]; /** * The id of the VPC Endpoint Service, like vpce-svc-xxxxxxxxxxxxxxxx. * @attribute */ readonly vpcEndpointServiceId: string; /** * The service name of the VPC Endpoint Service that clients use to connect to, * like com.amazonaws.vpce.<region>.vpce-svc-xxxxxxxxxxxxxxxx * * @attribute */ readonly vpcEndpointServiceName: string; private readonly endpointService; constructor(scope: Construct, id: string, props: VpcEndpointServiceProps); } /** * Construction properties for a VpcEndpointService. * */ export interface VpcEndpointServiceProps { /** * One or more load balancers to host the VPC Endpoint Service. * */ readonly vpcEndpointServiceLoadBalancers: IVpcEndpointServiceLoadBalancer[]; /** * Whether requests from service consumers to connect to the service through * an endpoint must be accepted. * @default true * */ readonly acceptanceRequired?: boolean; /** * Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink. * @default false * */ readonly contributorInsights?: boolean; /** * IAM users, IAM roles, or AWS accounts to allow inbound connections from. * These principals can connect to your service using VPC endpoints. Takes a * list of one or more ArnPrincipal. * @default - no principals * */ readonly allowedPrincipals?: ArnPrincipal[]; }