Package software.amazon.awscdk.services.ec2

Class BastionHostLinux

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.Resource

software.amazon.awscdk.services.ec2.BastionHostLinux

All Implemented Interfaces:

IResource, IConnectable, IInstance, IInstanceRef, IGrantable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.113.0 (build fc68b25)",
           date="2025-10-14T12:28:09.084Z")
@Stability(Stable)
public class BastionHostLinux
extends Resource
implements IInstance

This creates a linux bastion host you can use to connect to other instances or services in your VPC.

The recommended way to connect to the bastion host is by using AWS Systems Manager Session Manager.

The operating system is Amazon Linux 2 with the latest SSM agent installed

You can also configure this bastion host to allow connections via SSH

Example:

 BastionHostLinux host = BastionHostLinux.Builder.create(this, "BastionHost")
         .vpc(vpc)
         .blockDevices(List.of(BlockDevice.builder()
                 .deviceName("/dev/sdh")
                 .volume(BlockDeviceVolume.ebs(10, EbsDeviceOptions.builder()
                         .encrypted(true)
                         .build()))
                 .build()))
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	BastionHostLinux.Builder	A fluent builder for BastionHostLinux.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.ec2.IInstance

IInstance.Jsii$Default, IInstance.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.IResource

IResource.Jsii$Default

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PROPERTY_INJECTION_ID	Uniquely identifies this class.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	BastionHostLinux(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	BastionHostLinux(software.amazon.jsii.JsiiObjectRef objRef)
	BastionHostLinux(software.constructs.Construct scope, String id, BastionHostLinuxProps props)

Method Summary

Modifier and Type	Method	Description
void	allowSshAccessFrom(IPeer... peer)	Allow SSH access from the given peer or peers.
Connections	getConnections()	Allows specify security group connections for the instance.
IPrincipal	getGrantPrincipal()	The principal to grant permissions to.
Instance	getInstance()	The underlying instance resource.
String	getInstanceAvailabilityZone()	The availability zone the instance was launched in.
String	getInstanceId()	The instance's ID.
String	getInstancePrivateDnsName()	Private DNS name for this instance.
String	getInstancePrivateIp()	Private IP for this instance.
String	getInstancePublicDnsName()	Publicly-routable DNS name for this instance.
String	getInstancePublicIp()	Publicly-routable IP address for this instance.
InstanceReference	getInstanceRef()	A reference to a Instance resource.
IRole	getRole()	The IAM role assumed by the instance.
Stack	getStack()	The stack in which this resource is defined.

Methods inherited from class software.amazon.awscdk.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, isOwnedResource, isResource

Methods inherited from class software.constructs.Construct

getNode, isConstruct, toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.services.ec2.IInstance

getNode

Methods inherited from interface software.amazon.awscdk.IResource

applyRemovalPolicy, getEnv

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Details

PROPERTY_INJECTION_ID

@Stability(Stable)
public static final String PROPERTY_INJECTION_ID

Uniquely identifies this class.

Constructor Details

BastionHostLinux

protected BastionHostLinux(software.amazon.jsii.JsiiObjectRef objRef)

BastionHostLinux

protected BastionHostLinux(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

BastionHostLinux

@Stability(Stable)
public BastionHostLinux(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 BastionHostLinuxProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

Method Details

allowSshAccessFrom

@Stability(Stable)
public void allowSshAccessFrom(@NotNull
 IPeer... peer)

Allow SSH access from the given peer or peers.

Necessary if you want to connect to the instance using ssh. If not called, you should use SSM Session Manager to connect to the instance.

Parameters:

peer - This parameter is required.

getConnections

@Stability(Stable)
@NotNull
public Connections getConnections()

Allows specify security group connections for the instance.

Specified by:

getConnections in interface IConnectable

getGrantPrincipal

@Stability(Stable)
@NotNull
public IPrincipal getGrantPrincipal()

The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getInstance

@Stability(Stable)
@NotNull
public Instance getInstance()

The underlying instance resource.

getInstanceAvailabilityZone

@Stability(Stable)
@NotNull
public String getInstanceAvailabilityZone()

The availability zone the instance was launched in.

Specified by:

getInstanceAvailabilityZone in interface IInstance

getInstanceId

@Stability(Stable)
@NotNull
public String getInstanceId()

The instance's ID.

Specified by:

getInstanceId in interface IInstance

getInstancePrivateDnsName

@Stability(Stable)
@NotNull
public String getInstancePrivateDnsName()

Private DNS name for this instance.

Specified by:

getInstancePrivateDnsName in interface IInstance

getInstancePrivateIp

@Stability(Stable)
@NotNull
public String getInstancePrivateIp()

Private IP for this instance.

Specified by:

getInstancePrivateIp in interface IInstance

getInstancePublicDnsName

@Stability(Stable)
@NotNull
public String getInstancePublicDnsName()

Publicly-routable DNS name for this instance.

(May be an empty string if the instance does not have a public name).

Specified by:

getInstancePublicDnsName in interface IInstance

getInstancePublicIp

@Stability(Stable)
@NotNull
public String getInstancePublicIp()

Publicly-routable IP address for this instance.

(May be an empty string if the instance does not have a public IP).

Specified by:

getInstancePublicIp in interface IInstance

getInstanceRef

@Stability(Stable)
@NotNull
public InstanceReference getInstanceRef()

A reference to a Instance resource.

Specified by:

getInstanceRef in interface IInstanceRef

getRole

@Stability(Stable)
@NotNull
public IRole getRole()

The IAM role assumed by the instance.

getStack

@Stability(Stable)
@NotNull
public Stack getStack()

The stack in which this resource is defined.

Specified by:

getStack in interface IResource

Overrides:

getStack in class Resource