View a markdown version of this page

AWS::EC2::VPCEncryptionControl - AWS CloudFormation

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::EC2::VPCEncryptionControl

Describes the configuration and state of VPC encryption controls.

For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::EC2::VPCEncryptionControl", "Properties" : { "EgressOnlyInternetGatewayExclusionInput" : String, "ElasticFileSystemExclusionInput" : String, "InternetGatewayExclusionInput" : String, "LambdaExclusionInput" : String, "Mode" : String, "NatGatewayExclusionInput" : String, "Tags" : [ Tag, ... ], "VirtualPrivateGatewayExclusionInput" : String, "VpcId" : String, "VpcLatticeExclusionInput" : String, "VpcPeeringExclusionInput" : String } }

Properties

EgressOnlyInternetGatewayExclusionInput

Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

ElasticFileSystemExclusionInput

Specifies whether to exclude Elastic File System traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

InternetGatewayExclusionInput

Specifies whether to exclude internet gateway traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

LambdaExclusionInput

Specifies whether to exclude Lambda function traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

Mode

The encryption mode for the VPC Encryption Control configuration.

Required: No

Type: String

Allowed values: monitor | enforce

Update requires: No interruption

NatGatewayExclusionInput

Specifies whether to exclude NAT gateway traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

Tags

The tags assigned to the VPC Encryption Control configuration.

Required: No

Type: Array of Tag

Update requires: No interruption

VirtualPrivateGatewayExclusionInput

Specifies whether to exclude virtual private gateway traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

VpcId

The ID of the VPC for which to create the encryption control configuration.

Required: No

Type: String

Update requires: Replacement

VpcLatticeExclusionInput

Specifies whether to exclude VPC Lattice traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

VpcPeeringExclusionInput

Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

Required: No

Type: String

Allowed values: enable | disable

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the VPC Encryption Control ID.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Describes the configuration and state of VPC encryption controls.

For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide.

ResourceExclusions.EgressOnlyInternetGateway.State

The current state of the exclusion configuration.

ResourceExclusions.EgressOnlyInternetGateway.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.ElasticFileSystem.State

The current state of the exclusion configuration.

ResourceExclusions.ElasticFileSystem.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.InternetGateway.State

The current state of the exclusion configuration.

ResourceExclusions.InternetGateway.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.Lambda.State

The current state of the exclusion configuration.

ResourceExclusions.Lambda.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.NatGateway.State

The current state of the exclusion configuration.

ResourceExclusions.NatGateway.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.VirtualPrivateGateway.State

The current state of the exclusion configuration.

ResourceExclusions.VirtualPrivateGateway.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.VpcLattice.State

The current state of the exclusion configuration.

ResourceExclusions.VpcLattice.StateMessage

A message providing additional information about the exclusion state.

ResourceExclusions.VpcPeering.State

The current state of the exclusion configuration.

ResourceExclusions.VpcPeering.StateMessage

A message providing additional information about the exclusion state.

State

The current state of the VPC Encryption Control configuration.

StateMessage

A message providing additional information about the encryption control state.

VpcEncryptionControlId

The ID of the VPC Encryption Control configuration.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.

AltStyle によって変換されたページ (->オリジナル) /