Package software.amazon.awscdk.services.ec2

Class CfnVPCEncryptionControl

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.ec2.CfnVPCEncryptionControl
All Implemented Interfaces:
IInspectable, IVPCEncryptionControlRef, IEnvironmentAware, ITaggableV2, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.119.0 (build 1634eac)", date="2025-12-01T16:02:19.266Z") @Stability(Stable) public class CfnVPCEncryptionControl extends CfnResource implements IInspectable, IVPCEncryptionControlRef, ITaggableV2
Describes the configuration and state of VPC encryption controls.

For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnVPCEncryptionControl cfnVPCEncryptionControl = CfnVPCEncryptionControl.Builder.create(this, "MyCfnVPCEncryptionControl")
         .egressOnlyInternetGatewayExclusionInput("egressOnlyInternetGatewayExclusionInput")
         .elasticFileSystemExclusionInput("elasticFileSystemExclusionInput")
         .internetGatewayExclusionInput("internetGatewayExclusionInput")
         .lambdaExclusionInput("lambdaExclusionInput")
         .mode("mode")
         .natGatewayExclusionInput("natGatewayExclusionInput")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .virtualPrivateGatewayExclusionInput("virtualPrivateGatewayExclusionInput")
         .vpcId("vpcId")
         .vpcLatticeExclusionInput("vpcLatticeExclusionInput")
         .vpcPeeringExclusionInput("vpcPeeringExclusionInput")
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnVPCEncryptionControl

      protected CfnVPCEncryptionControl(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnVPCEncryptionControl

      protected CfnVPCEncryptionControl(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnVPCEncryptionControl

      @Stability(Stable) public CfnVPCEncryptionControl(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable CfnVPCEncryptionControlProps props)
      Create a new AWS::EC2::VPCEncryptionControl.

      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties.

    • CfnVPCEncryptionControl

      @Stability(Stable) public CfnVPCEncryptionControl(@NotNull software.constructs.Construct scope, @NotNull String id)
      Create a new AWS::EC2::VPCEncryptionControl.

      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.

  • Method Details

    • isCfnVPCEncryptionControl

      @Stability(Stable) @NotNull public static Boolean isCfnVPCEncryptionControl(@NotNull Object x)
      Checks whether the given object is a CfnVPCEncryptionControl.

      Parameters:
      x - This parameter is required.

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrResourceExclusions

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusions()

    • getAttrResourceExclusionsEgressOnlyInternetGateway

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsEgressOnlyInternetGateway()
      Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.

    • getAttrResourceExclusionsEgressOnlyInternetGatewayState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsEgressOnlyInternetGatewayState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsEgressOnlyInternetGatewayStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsEgressOnlyInternetGatewayStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsElasticFileSystem

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsElasticFileSystem()
      Specifies whether to exclude Elastic File System traffic from encryption enforcement.

    • getAttrResourceExclusionsElasticFileSystemState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsElasticFileSystemState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsElasticFileSystemStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsElasticFileSystemStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsInternetGateway

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsInternetGateway()
      Specifies whether to exclude internet gateway traffic from encryption enforcement.

    • getAttrResourceExclusionsInternetGatewayState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsInternetGatewayState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsInternetGatewayStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsInternetGatewayStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsLambda

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsLambda()
      Specifies whether to exclude Lambda function traffic from encryption enforcement.

    • getAttrResourceExclusionsLambdaState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsLambdaState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsLambdaStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsLambdaStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsNatGateway

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsNatGateway()
      Specifies whether to exclude NAT gateway traffic from encryption enforcement.

    • getAttrResourceExclusionsNatGatewayState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsNatGatewayState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsNatGatewayStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsNatGatewayStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsVirtualPrivateGateway

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsVirtualPrivateGateway()
      Specifies whether to exclude virtual private gateway traffic from encryption enforcement.

    • getAttrResourceExclusionsVirtualPrivateGatewayState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVirtualPrivateGatewayState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsVirtualPrivateGatewayStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVirtualPrivateGatewayStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsVpcLattice

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsVpcLattice()
      Specifies whether to exclude VPC Lattice traffic from encryption enforcement.

    • getAttrResourceExclusionsVpcLatticeState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVpcLatticeState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsVpcLatticeStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVpcLatticeStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrResourceExclusionsVpcPeering

      @Stability(Stable) @NotNull public IResolvable getAttrResourceExclusionsVpcPeering()
      Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

    • getAttrResourceExclusionsVpcPeeringState

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVpcPeeringState()
      The current state of the exclusion configuration.

    • getAttrResourceExclusionsVpcPeeringStateMessage

      @Stability(Stable) @NotNull public String getAttrResourceExclusionsVpcPeeringStateMessage()
      A message providing additional information about the exclusion state.

    • getAttrState

      @Stability(Stable) @NotNull public String getAttrState()
      The current state of the VPC Encryption Control configuration.

    • getAttrStateMessage

      @Stability(Stable) @NotNull public String getAttrStateMessage()
      A message providing additional information about the encryption control state.

    • getAttrVpcEncryptionControlId

      @Stability(Stable) @NotNull public String getAttrVpcEncryptionControlId()
      The ID of the VPC Encryption Control configuration.

    • getCdkTagManager

      @Stability(Stable) @NotNull public TagManager getCdkTagManager()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getCdkTagManager in interface ITaggableV2

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getVpcEncryptionControlRef

      @Stability(Stable) @NotNull public VPCEncryptionControlReference getVpcEncryptionControlRef()
      A reference to a VPCEncryptionControl resource.
      Specified by:
      getVpcEncryptionControlRef in interface IVPCEncryptionControlRef

    • getEgressOnlyInternetGatewayExclusionInput

      @Stability(Stable) @Nullable public String getEgressOnlyInternetGatewayExclusionInput()
      Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.

    • setEgressOnlyInternetGatewayExclusionInput

      @Stability(Stable) public void setEgressOnlyInternetGatewayExclusionInput(@Nullable String value)
      Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.

    • getElasticFileSystemExclusionInput

      @Stability(Stable) @Nullable public String getElasticFileSystemExclusionInput()
      Specifies whether to exclude Elastic File System traffic from encryption enforcement.

    • setElasticFileSystemExclusionInput

      @Stability(Stable) public void setElasticFileSystemExclusionInput(@Nullable String value)
      Specifies whether to exclude Elastic File System traffic from encryption enforcement.

    • getInternetGatewayExclusionInput

      @Stability(Stable) @Nullable public String getInternetGatewayExclusionInput()
      Specifies whether to exclude internet gateway traffic from encryption enforcement.

    • setInternetGatewayExclusionInput

      @Stability(Stable) public void setInternetGatewayExclusionInput(@Nullable String value)
      Specifies whether to exclude internet gateway traffic from encryption enforcement.

    • getLambdaExclusionInput

      @Stability(Stable) @Nullable public String getLambdaExclusionInput()
      Specifies whether to exclude Lambda function traffic from encryption enforcement.

    • setLambdaExclusionInput

      @Stability(Stable) public void setLambdaExclusionInput(@Nullable String value)
      Specifies whether to exclude Lambda function traffic from encryption enforcement.

    • getMode

      @Stability(Stable) @Nullable public String getMode()
      The encryption mode for the VPC Encryption Control configuration.

    • setMode

      @Stability(Stable) public void setMode(@Nullable String value)
      The encryption mode for the VPC Encryption Control configuration.

    • getNatGatewayExclusionInput

      @Stability(Stable) @Nullable public String getNatGatewayExclusionInput()
      Specifies whether to exclude NAT gateway traffic from encryption enforcement.

    • setNatGatewayExclusionInput

      @Stability(Stable) public void setNatGatewayExclusionInput(@Nullable String value)
      Specifies whether to exclude NAT gateway traffic from encryption enforcement.

    • getTags

      @Stability(Stable) @Nullable public List<CfnTag> getTags()
      The tags assigned to the VPC Encryption Control configuration.

    • setTags

      @Stability(Stable) public void setTags(@Nullable List<CfnTag> value)
      The tags assigned to the VPC Encryption Control configuration.

    • getVirtualPrivateGatewayExclusionInput

      @Stability(Stable) @Nullable public String getVirtualPrivateGatewayExclusionInput()
      Specifies whether to exclude virtual private gateway traffic from encryption enforcement.

    • setVirtualPrivateGatewayExclusionInput

      @Stability(Stable) public void setVirtualPrivateGatewayExclusionInput(@Nullable String value)
      Specifies whether to exclude virtual private gateway traffic from encryption enforcement.

    • getVpcId

      @Stability(Stable) @Nullable public String getVpcId()
      The ID of the VPC for which to create the encryption control configuration.

    • setVpcId

      @Stability(Stable) public void setVpcId(@Nullable String value)
      The ID of the VPC for which to create the encryption control configuration.

    • getVpcLatticeExclusionInput

      @Stability(Stable) @Nullable public String getVpcLatticeExclusionInput()
      Specifies whether to exclude VPC Lattice traffic from encryption enforcement.

    • setVpcLatticeExclusionInput

      @Stability(Stable) public void setVpcLatticeExclusionInput(@Nullable String value)
      Specifies whether to exclude VPC Lattice traffic from encryption enforcement.

    • getVpcPeeringExclusionInput

      @Stability(Stable) @Nullable public String getVpcPeeringExclusionInput()
      Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

    • setVpcPeeringExclusionInput

      @Stability(Stable) public void setVpcPeeringExclusionInput(@Nullable String value)
      Specifies whether to exclude VPC peering connection traffic from encryption enforcement.