OptionalcommonOptionalcustomCustom init script.
Path to executable custom bash script that will be executed during bastion start-up, and when bastion is running, via cfn-hup upon changes to the script (requires deployment).
Optionalec2Shared EC2 autoscaling role. If not defined a new ServiceLinkedRole for autoscaling will be created.
OptionalenableEnable scheduled shutdown for the bastion host
OptionalinstallList of DNF / YUM packages to be installed
OptionalinstanceInstance class to use to launch the bastion host
OptionalinstanceName of the bastion instance. Will be converted to kebab-case
OptionalinstanceInstance size to use to launch the bastion host
OptionalkmsList of keys to which bastion will be granted read access
OptionalshutdownShutdown schedule. Bastion will be automatically shut down on the schedule Scaling actions use UTC time
NOTE: Be sure to use the correct type: aws-cdk-lib/aws-autoscaling/Schedule
OptionalsshDetails of other EC2 instances that will have SSH access from bastion configured by default. SecurityGroup -level access needs to be configured separately.
OptionalstartupStartup schedule. Bastion will be automatically started on the schedule Scaling actions use UTC time
If defined, scheduled shutdown is also enabled.
NOTE: Be sure to use the correct type: aws-cdk-lib/aws-autoscaling/Schedule
OptionaluseUse the Finnair HBI image as the base image for the bastion. If set to false, will use the latest AmazonLinux 2023 image, this is not recommended
HBI images not fully supported yet! TODO: Check KMS permissions required to use the HBI images with autoscaling
OptionalvpcVPC ID for the bastion host
OptionalvpcSubnets for the bastion host
Topic for common EC2 instance notifications. If not defined, notifications will be disabled.