Peer

class aws_cdk.aws_ec2.Peer

Bases: object

Peer object factories (to be used in Security Group management).

The static methods on this object can be used to create peer objects which represent a connection partner in Security Group rules.

Use this object if you need to represent connection partners using plain IP addresses, or a prefix list ID.

If you want to address a connection partner by Security Group, you can just use the Security Group (or the construct that contains a Security Group) directly, as it already implements IPeer.

Example:

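from aws_cdk import aws_ec2 as ec2

# Runs inside a Stack or Construct, where `self` is the scope.
# NatTrafficDirection.NONE: the NAT instances allow no traffic by default.
nat_gateway_provider = ec2.NatProvider.instance_v2(
    instance_type=ec2.InstanceType("t3.small"),
    default_allowed_traffic=ec2.NatTrafficDirection.NONE
)
vpc = ec2.Vpc(self, "Vpc", nat_gateway_provider=nat_gateway_provider)

# allow_all_outbound=False: no outbound traffic until egress rules are added.
security_group = ec2.SecurityGroup(self, "SecurityGroup",
    vpc=vpc,
    allow_all_outbound=False
)
# Permit outbound HTTPS only, to any IPv4 address.
security_group.add_egress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(443))
for gateway_instance in nat_gateway_provider.gateway_instances:
    gateway_instance.add_security_group(security_group)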

Static Methods

classmethod any_ipv4()

Any IPv4 address.

Return type:

IPeer

classmethod any_ipv6()

Any IPv6 address.

Return type:

IPeer

classmethod ipv4(cidr_ip)

Create an IPv4 peer from a CIDR.

Parameters:

cidr_ip (str)

Return type:

IPeer

classmethod ipv6(cidr_ip)

Create an IPv6 peer from a CIDR.

Parameters:

cidr_ip (str)

Return type:

IPeer

classmethod prefix_list(prefix_list_id)

A prefix list.

Parameters:

prefix_list_id (str)

Return type:

IPeer

classmethod security_group_id(security_group_id, source_security_group_owner_id=None)

A security group ID.

Parameters:
  • security_group_id (str)

  • source_security_group_owner_id (Optional[str])

Return type:

IPeer
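
A pre-synthesis check for peer strings, as an added example (not part of the CDK documentation or the aws-cdk code base): it maps each string to the Peer factory listed above that would represent it and flags ranges that cover a whole address family. The function names, the ID patterns, the port allow list and the sample rules are assumptions made for illustration.

```python
import ipaddress
import re

# Assumed ID shapes ("pl-"/"sg-" followed by hex); adjust to your account's IDs.
_PREFIX_LIST = re.compile(r"^pl-[0-9a-f]{8,17}$")
_SECURITY_GROUP = re.compile(r"^sg-[0-9a-f]{8,17}$")


def classify_peer(spec):
    """Return (factory_name, normalized_arg, world_open) for a peer string.

    factory_name is the Peer static method that represents the peer.
    world_open is True when the CIDR covers every address in its family.
    Raises ValueError for a missing mask, host bits set, or unparseable input.
    """
    spec = spec.strip()
    # The contents of a prefix list or security group are not known here,
    # so these are reported as not world-open and need separate review.
    if _PREFIX_LIST.match(spec):
        return ("prefix_list", spec, False)
    if _SECURITY_GROUP.match(spec):
        return ("security_group_id", spec, False)
    if "/" not in spec:
        raise ValueError(f"{spec!r}: CIDR mask required, e.g. /32 for one host")
    # strict=True rejects host bits below the mask, such as 10.0.0.5/16.
    net = ipaddress.ip_network(spec, strict=True)
    world_open = net.prefixlen == 0
    family = f"ipv{net.version}"
    return (f"any_{family}" if world_open else family, str(net), world_open)


def review_rules(rules, allow_world_open_ports=frozenset({443})):
    """Flag rules whose peer is world-open on a port outside the allow list."""
    findings = []
    for spec, port in rules:
        factory, _arg, world_open = classify_peer(spec)
        if world_open and port not in allow_world_open_ports:
            findings.append((spec, port, f"Peer.{factory}() on port {port}"))
    return findings


# Constructed sample rules (documentation address ranges, made-up IDs).
SAMPLE_RULES = [
    ("0.0.0.0/0", 443),
    ("0.0.0.0/0", 22),
    ("203.0.113.0/24", 22),
    ("::/0", 3389),
    ("pl-0123456789abcdef0", 443),
]
```

Calling review_rules(SAMPLE_RULES) reports the two world-open rules on ports 22 and 3389 and passes the rest.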