aws-cdk.aws-ec2-alpha 2.175.1a0__py3-none-any.whl → 2.177.0a0__py3-none-any.whl

aws_cdk/aws_ec2_alpha/__init__.py

@@ -101,6 +101,39 @@ VpcV2(self, "Vpc",
 
 Since `VpcV2` does not create subnets automatically, users have full control over IP addresses allocation across subnets.
 
+### Bring your own IPv6 addresses (BYOIP)
+
+If you have your own IP address that you would like to use with EC2, you can set up an IPv6 pool via the AWS CLI, and use that pool ID in your application.
+
+Once you have certified your IP address block with an ROA and have obtained an X-509 certificate, you can run the following command to provision your CIDR block in your AWS account:
+
+```shell
+aws ec2 provision-byoip-cidr --region <region> --cidr <your CIDR block> --cidr-authorization-context Message="1|aws|<account>|<your CIDR block>|<expiration date>|SHA256".Signature="<signature>"
+```
+
+When your BYOIP CIDR is provisioned, you can run the following command to retrieve your IPv6 pool ID, which will be used in your VPC declaration:
+
+```shell
+aws ec2 describe-byoip-cidr --region <region>
+```
+
+For more help on setting up your IPv6 address, please review the [EC2 Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html).
+
+Once you have provisioned your address block, you can use the IPv6 in your VPC as follows:
+
+```python
+my_vpc = VpcV2(self, "Vpc",
+    primary_address_block=IpAddresses.ipv4("10.1.0.0/16"),
+    secondary_address_blocks=[IpAddresses.ipv6_byoip_pool(
+        cidr_block_name="MyByoipCidrBlock",
+        ipv6_pool_id="ipv6pool-ec2-someHashValue",
+        ipv6_cidr_block="2001:db8::/32"
+    )],
+    enable_dns_hostnames=True,
+    enable_dns_support=True
+)
+```
+
 ## Routing
 
 `RouteTable` is a new construct that allows for route tables to be customized in a variety of ways. For instance, the following example shows how a custom route table can be created and appended to a subnet:
@@ -297,7 +330,7 @@ acceptor_vpc = VpcV2(self, "VpcA",
 acceptor_role_arn = acceptor_vpc.create_acceptor_vpc_role("000000000000")
 ```
 
-After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import accpeptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well.
+After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import acceptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well.
 The following code snippet demonstrates how to set up VPC peering between two VPCs in different AWS accounts using CDK:
 
 ```python
@@ -453,11 +486,11 @@ For more information, see [What is AWS Site-to-Site VPN?](https://docs.aws.amazo
 
 VPN route propagation is a feature in Amazon Web Services (AWS) that automatically updates route tables in your Virtual Private Cloud (VPC) with routes learned from a VPN connection.
 
-To enable VPN route propogation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs.
+To enable VPN route propagation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs.
 
 Additionally, you can set up a route in any route table with the target set to the VPN Gateway. The function `enableVpnGatewayV2` returns a `VPNGatewayV2` object that you can reference later.
 
-The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropogation` enabled:
+The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropagation` enabled:
 
 ```python
 stack = Stack()
@@ -485,7 +518,7 @@ An internet gateway is a horizontally scaled, redundant, and highly available VP
 For more information, see [Enable VPC internet access using internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html).
 
 You can add an internet gateway to a VPC using `addInternetGateway` method. By default, this method creates a route in all Public Subnets with outbound destination set to `0.0.0.0` for IPv4 and `::0` for IPv6 enabled VPC.
-Instead of using the default settings, you can configure a custom destinatation range by providing an optional input `destination` to the method.
+Instead of using the default settings, you can configure a custom destination range by providing an optional input `destination` to the method.
 
 The code example below shows how to add an internet gateway with a custom outbound destination IP range:
 
@@ -528,12 +561,12 @@ imported_vpc = VpcV2.from_vpc_v2_attributes(stack, "ImportedVpc",
 
 In case of cross account or cross region VPC, its recommended to provide region and ownerAccountId so that these values for the VPC can be used to populate correct arn value for the VPC. If a VPC region and account ID is not provided, then region and account configured in the stack will be used. Furthermore, these fields will be referenced later while setting up VPC peering connection, so its necessary to set these fields to a correct value.
 
-Below is an example of importing a cross region and cross acount VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID'
+Below is an example of importing a cross region and cross account VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID'
 
 ```python
 stack = Stack()
 
-# Importing a cross acount or cross region VPC
+# Importing a cross account or cross region VPC
 imported_vpc = VpcV2.from_vpc_v2_attributes(stack, "ImportedVpc",
     vpc_id="mockVpcID",
     vpc_cidr_block="10.0.0.0/16",
@@ -1491,6 +1524,15 @@ class IVPCCidrBlock(typing_extensions.Protocol):
         '''
         ...
 
+    @builtins.property
+    @jsii.member(jsii_name="ipv6CidrBlock")
+    def ipv6_cidr_block(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The IPv6 CIDR block from the specified IPv6 address pool.
+
+        :stability: experimental
+        '''
+        ...
+
     @builtins.property
     @jsii.member(jsii_name="ipv6IpamPoolId")
     def ipv6_ipam_pool_id(self) -> typing.Optional[builtins.str]:
@@ -1500,6 +1542,15 @@ class IVPCCidrBlock(typing_extensions.Protocol):
         '''
         ...
 
+    @builtins.property
+    @jsii.member(jsii_name="ipv6Pool")
+    def ipv6_pool(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The ID of the IPv6 address pool from which to allocate the IPv6 CIDR block.
+
+        :stability: experimental
+        '''
+        ...
+
 
 class _IVPCCidrBlockProxy:
     '''(experimental) Interface to create L2 for VPC Cidr Block.
@@ -1538,6 +1589,15 @@ class _IVPCCidrBlockProxy:
         '''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipv4IpamPoolId"))
 
+    @builtins.property
+    @jsii.member(jsii_name="ipv6CidrBlock")
+    def ipv6_cidr_block(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The IPv6 CIDR block from the specified IPv6 address pool.
+
+        :stability: experimental
+        '''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipv6CidrBlock"))
+
     @builtins.property
     @jsii.member(jsii_name="ipv6IpamPoolId")
     def ipv6_ipam_pool_id(self) -> typing.Optional[builtins.str]:
@@ -1547,6 +1607,15 @@ class _IVPCCidrBlockProxy:
         '''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipv6IpamPoolId"))
 
+    @builtins.property
+    @jsii.member(jsii_name="ipv6Pool")
+    def ipv6_pool(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The ID of the IPv6 address pool from which to allocate the IPv6 CIDR block.
+
+        :stability: experimental
+        '''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipv6Pool"))
+
 # Adding a "__jsii_proxy_class__(): typing.Type" function to the interface
 typing.cast(typing.Any, IVPCCidrBlock).__jsii_proxy_class__ = lambda : _IVPCCidrBlockProxy
 
@@ -2395,6 +2464,31 @@ class IpAddresses(
 
         return typing.cast(IIpAddresses, jsii.sinvoke(cls, "ipv4Ipam", [ipv4_ipam_options]))
 
+    @jsii.member(jsii_name="ipv6ByoipPool")
+    @builtins.classmethod
+    def ipv6_byoip_pool(
+        cls,
+        *,
+        ipv6_cidr_block: builtins.str,
+        ipv6_pool_id: builtins.str,
+        cidr_block_name: builtins.str,
+    ) -> IIpAddresses:
+        '''(experimental) A BYOIP IPv6 address pool.
+
+        :param ipv6_cidr_block: (experimental) A valid IPv6 CIDR block from the IPv6 address pool onboarded to AWS using BYOIP. The most specific IPv6 address range that you can bring is /48 for CIDRs that are publicly advertisable and /56 for CIDRs that are not publicly advertisable.
+        :param ipv6_pool_id: (experimental) ID of the IPv6 address pool from which to allocate the IPv6 CIDR block. Note: BYOIP Pool ID is different from the IPAM Pool ID. To onboard your IPv6 address range to your AWS account please refer to the below documentation
+        :param cidr_block_name: (experimental) Required to set Secondary cidr block resource name in order to generate unique logical id for the resource.
+
+        :stability: experimental
+        '''
+        props = Ipv6PoolSecondaryAddressProps(
+            ipv6_cidr_block=ipv6_cidr_block,
+            ipv6_pool_id=ipv6_pool_id,
+            cidr_block_name=cidr_block_name,
+        )
+
+        return typing.cast(IIpAddresses, jsii.sinvoke(cls, "ipv6ByoipPool", [props]))
+
     @jsii.member(jsii_name="ipv6Ipam")
     @builtins.classmethod
     def ipv6_ipam(
@@ -4050,7 +4144,7 @@ class Route(
     @builtins.property
     @jsii.member(jsii_name="targetRouterType")
     def target_router_type(self) -> _aws_cdk_aws_ec2_ceddda9d.RouterType:
-        '''(experimental) The type of router the route is targetting.
+        '''(experimental) The type of router the route is targeting.
 
         :stability: experimental
         '''
@@ -5192,8 +5286,10 @@ class SubnetV2Props:
         "ipv4_ipam_pool_id": "ipv4IpamPoolId",
         "ipv4_ipam_provisioned_cidrs": "ipv4IpamProvisionedCidrs",
         "ipv4_netmask_length": "ipv4NetmaskLength",
+        "ipv6_cidr_block": "ipv6CidrBlock",
         "ipv6_ipam_pool_id": "ipv6IpamPoolId",
         "ipv6_netmask_length": "ipv6NetmaskLength",
+        "ipv6_pool": "ipv6Pool",
     },
 )
 class VPCCidrBlockattributes:
@@ -5206,8 +5302,10 @@ class VPCCidrBlockattributes:
         ipv4_ipam_pool_id: typing.Optional[builtins.str] = None,
         ipv4_ipam_provisioned_cidrs: typing.Optional[typing.Sequence[builtins.str]] = None,
         ipv4_netmask_length: typing.Optional[jsii.Number] = None,
+        ipv6_cidr_block: typing.Optional[builtins.str] = None,
         ipv6_ipam_pool_id: typing.Optional[builtins.str] = None,
         ipv6_netmask_length: typing.Optional[jsii.Number] = None,
+        ipv6_pool: typing.Optional[builtins.str] = None,
     ) -> None:
         '''(experimental) Attributes for VPCCidrBlock used for defining a new CIDR Block and also for importing an existing CIDR.
 
@@ -5217,8 +5315,10 @@ class VPCCidrBlockattributes:
         :param ipv4_ipam_pool_id: (experimental) IPAM pool for IPv4 address type. Default: - no IPAM pool Id provided for IPv4
         :param ipv4_ipam_provisioned_cidrs: (experimental) IPv4 CIDR provisioned under pool Required to check for overlapping CIDRs after provisioning is complete under IPAM pool. Default: - no IPAM IPv4 CIDR range is provisioned using IPAM
         :param ipv4_netmask_length: (experimental) Net mask length for IPv4 address type. Default: - no Net mask length configured for IPv4
+        :param ipv6_cidr_block: (experimental) The IPv6 CIDR block from the specified IPv6 address pool. Default: - No IPv6 CIDR block associated with VPC.
         :param ipv6_ipam_pool_id: (experimental) IPAM pool for IPv6 address type. Default: - no IPAM pool Id provided for IPv6
         :param ipv6_netmask_length: (experimental) Net mask length for IPv6 address type. Default: - no Net mask length configured for IPv6
+        :param ipv6_pool: (experimental) The ID of the IPv6 address pool from which to allocate the IPv6 CIDR block. Note: BYOIP Pool ID is different than IPAM Pool ID. Default: - No BYOIP pool associated with VPC.
 
         :stability: experimental
         :exampleMetadata: fixture=_generated
@@ -5236,8 +5336,10 @@ class VPCCidrBlockattributes:
                 ipv4_ipam_pool_id="ipv4IpamPoolId",
                 ipv4_ipam_provisioned_cidrs=["ipv4IpamProvisionedCidrs"],
                 ipv4_netmask_length=123,
+                ipv6_cidr_block="ipv6CidrBlock",
                 ipv6_ipam_pool_id="ipv6IpamPoolId",
-                ipv6_netmask_length=123
+                ipv6_netmask_length=123,
+                ipv6_pool="ipv6Pool"
             )
         '''
         if __debug__:
@@ -5248,8 +5350,10 @@ class VPCCidrBlockattributes:
             check_type(argname="argument ipv4_ipam_pool_id", value=ipv4_ipam_pool_id, expected_type=type_hints["ipv4_ipam_pool_id"])
             check_type(argname="argument ipv4_ipam_provisioned_cidrs", value=ipv4_ipam_provisioned_cidrs, expected_type=type_hints["ipv4_ipam_provisioned_cidrs"])
             check_type(argname="argument ipv4_netmask_length", value=ipv4_netmask_length, expected_type=type_hints["ipv4_netmask_length"])
+            check_type(argname="argument ipv6_cidr_block", value=ipv6_cidr_block, expected_type=type_hints["ipv6_cidr_block"])
             check_type(argname="argument ipv6_ipam_pool_id", value=ipv6_ipam_pool_id, expected_type=type_hints["ipv6_ipam_pool_id"])
             check_type(argname="argument ipv6_netmask_length", value=ipv6_netmask_length, expected_type=type_hints["ipv6_netmask_length"])
+            check_type(argname="argument ipv6_pool", value=ipv6_pool, expected_type=type_hints["ipv6_pool"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if amazon_provided_ipv6_cidr_block is not None:
             self._values["amazon_provided_ipv6_cidr_block"] = amazon_provided_ipv6_cidr_block
@@ -5263,10 +5367,14 @@ class VPCCidrBlockattributes:
             self._values["ipv4_ipam_provisioned_cidrs"] = ipv4_ipam_provisioned_cidrs
         if ipv4_netmask_length is not None:
             self._values["ipv4_netmask_length"] = ipv4_netmask_length
+        if ipv6_cidr_block is not None:
+            self._values["ipv6_cidr_block"] = ipv6_cidr_block
         if ipv6_ipam_pool_id is not None:
             self._values["ipv6_ipam_pool_id"] = ipv6_ipam_pool_id
         if ipv6_netmask_length is not None:
             self._values["ipv6_netmask_length"] = ipv6_netmask_length
+        if ipv6_pool is not None:
+            self._values["ipv6_pool"] = ipv6_pool
 
     @builtins.property
     def amazon_provided_ipv6_cidr_block(self) -> typing.Optional[builtins.bool]:
@@ -5334,6 +5442,17 @@ class VPCCidrBlockattributes:
         result = self._values.get("ipv4_netmask_length")
         return typing.cast(typing.Optional[jsii.Number], result)
 
+    @builtins.property
+    def ipv6_cidr_block(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The IPv6 CIDR block from the specified IPv6 address pool.
+
+        :default: - No IPv6 CIDR block associated with VPC.
+
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_cidr_block")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def ipv6_ipam_pool_id(self) -> typing.Optional[builtins.str]:
         '''(experimental) IPAM pool for IPv6 address type.
@@ -5356,6 +5475,19 @@ class VPCCidrBlockattributes:
         result = self._values.get("ipv6_netmask_length")
         return typing.cast(typing.Optional[jsii.Number], result)
 
+    @builtins.property
+    def ipv6_pool(self) -> typing.Optional[builtins.str]:
+        '''(experimental) The ID of the IPv6 address pool from which to allocate the IPv6 CIDR block.
+
+        Note: BYOIP Pool ID is different than IPAM Pool ID.
+
+        :default: - No BYOIP pool associated with VPC.
+
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_pool")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -6068,8 +6200,10 @@ class VPNGatewayV2Props(VPNGatewayV2Options):
         "ipv4_ipam_pool": "ipv4IpamPool",
         "ipv4_ipam_provisioned_cidrs": "ipv4IpamProvisionedCidrs",
         "ipv4_netmask_length": "ipv4NetmaskLength",
+        "ipv6_cidr_block": "ipv6CidrBlock",
         "ipv6_ipam_pool": "ipv6IpamPool",
         "ipv6_netmask_length": "ipv6NetmaskLength",
+        "ipv6_pool_id": "ipv6PoolId",
     },
 )
 class VpcCidrOptions:
@@ -6083,8 +6217,10 @@ class VpcCidrOptions:
         ipv4_ipam_pool: typing.Optional[IIpamPool] = None,
         ipv4_ipam_provisioned_cidrs: typing.Optional[typing.Sequence[builtins.str]] = None,
         ipv4_netmask_length: typing.Optional[jsii.Number] = None,
+        ipv6_cidr_block: typing.Optional[builtins.str] = None,
         ipv6_ipam_pool: typing.Optional[IIpamPool] = None,
         ipv6_netmask_length: typing.Optional[jsii.Number] = None,
+        ipv6_pool_id: typing.Optional[builtins.str] = None,
     ) -> None:
         '''(experimental) Consolidated return parameters to pass to VPC construct.
 
@@ -6095,8 +6231,10 @@ class VpcCidrOptions:
         :param ipv4_ipam_pool: (experimental) Ipv4 IPAM Pool. Default: - Only required when using IPAM Ipv4
         :param ipv4_ipam_provisioned_cidrs: (experimental) IPv4 CIDR provisioned under pool Required to check for overlapping CIDRs after provisioning is complete under IPAM pool. Default: - no IPAM IPv4 CIDR range is provisioned using IPAM
         :param ipv4_netmask_length: (experimental) CIDR Mask for Vpc. Default: - Only required when using IPAM Ipv4
+        :param ipv6_cidr_block: (experimental) IPv6 CIDR block from the BOYIP IPv6 address pool. Default: - None
         :param ipv6_ipam_pool: (experimental) Ipv6 IPAM pool id for VPC range, can only be defined under public scope. Default: - no pool id
         :param ipv6_netmask_length: (experimental) CIDR Mask for Vpc. Default: - Only required when using AWS Ipam
+        :param ipv6_pool_id: (experimental) ID of the BYOIP IPv6 address pool from which to allocate the IPv6 CIDR block. Default: - None
 
         :stability: experimental
         :exampleMetadata: fixture=_generated
@@ -6119,8 +6257,10 @@ class VpcCidrOptions:
                 ipv4_ipam_pool=ipam_pool,
                 ipv4_ipam_provisioned_cidrs=["ipv4IpamProvisionedCidrs"],
                 ipv4_netmask_length=123,
+                ipv6_cidr_block="ipv6CidrBlock",
                 ipv6_ipam_pool=ipam_pool,
-                ipv6_netmask_length=123
+                ipv6_netmask_length=123,
+                ipv6_pool_id="ipv6PoolId"
             )
         '''
         if __debug__:
@@ -6132,8 +6272,10 @@ class VpcCidrOptions:
             check_type(argname="argument ipv4_ipam_pool", value=ipv4_ipam_pool, expected_type=type_hints["ipv4_ipam_pool"])
             check_type(argname="argument ipv4_ipam_provisioned_cidrs", value=ipv4_ipam_provisioned_cidrs, expected_type=type_hints["ipv4_ipam_provisioned_cidrs"])
             check_type(argname="argument ipv4_netmask_length", value=ipv4_netmask_length, expected_type=type_hints["ipv4_netmask_length"])
+            check_type(argname="argument ipv6_cidr_block", value=ipv6_cidr_block, expected_type=type_hints["ipv6_cidr_block"])
             check_type(argname="argument ipv6_ipam_pool", value=ipv6_ipam_pool, expected_type=type_hints["ipv6_ipam_pool"])
             check_type(argname="argument ipv6_netmask_length", value=ipv6_netmask_length, expected_type=type_hints["ipv6_netmask_length"])
+            check_type(argname="argument ipv6_pool_id", value=ipv6_pool_id, expected_type=type_hints["ipv6_pool_id"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if amazon_provided is not None:
             self._values["amazon_provided"] = amazon_provided
@@ -6149,10 +6291,14 @@ class VpcCidrOptions:
             self._values["ipv4_ipam_provisioned_cidrs"] = ipv4_ipam_provisioned_cidrs
         if ipv4_netmask_length is not None:
             self._values["ipv4_netmask_length"] = ipv4_netmask_length
+        if ipv6_cidr_block is not None:
+            self._values["ipv6_cidr_block"] = ipv6_cidr_block
         if ipv6_ipam_pool is not None:
             self._values["ipv6_ipam_pool"] = ipv6_ipam_pool
         if ipv6_netmask_length is not None:
             self._values["ipv6_netmask_length"] = ipv6_netmask_length
+        if ipv6_pool_id is not None:
+            self._values["ipv6_pool_id"] = ipv6_pool_id
 
     @builtins.property
     def amazon_provided(self) -> typing.Optional[builtins.bool]:
@@ -6233,6 +6379,17 @@ class VpcCidrOptions:
         result = self._values.get("ipv4_netmask_length")
         return typing.cast(typing.Optional[jsii.Number], result)
 
+    @builtins.property
+    def ipv6_cidr_block(self) -> typing.Optional[builtins.str]:
+        '''(experimental) IPv6 CIDR block from the BOYIP IPv6 address pool.
+
+        :default: - None
+
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_cidr_block")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def ipv6_ipam_pool(self) -> typing.Optional[IIpamPool]:
         '''(experimental) Ipv6 IPAM pool id for VPC range, can only be defined under public scope.
@@ -6255,6 +6412,17 @@ class VpcCidrOptions:
         result = self._values.get("ipv6_netmask_length")
         return typing.cast(typing.Optional[jsii.Number], result)
 
+    @builtins.property
+    def ipv6_pool_id(self) -> typing.Optional[builtins.str]:
+        '''(experimental) ID of the BYOIP IPv6 address pool from which to allocate the IPv6 CIDR block.
+
+        :default: - None
+
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_pool_id")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -7488,6 +7656,106 @@ class EgressOnlyInternetGateway(
         return typing.cast(_aws_cdk_aws_ec2_ceddda9d.RouterType, jsii.get(self, "routerType"))
 
 
+@jsii.data_type(
+    jsii_type="@aws-cdk/aws-ec2-alpha.Ipv6PoolSecondaryAddressProps",
+    jsii_struct_bases=[SecondaryAddressProps],
+    name_mapping={
+        "cidr_block_name": "cidrBlockName",
+        "ipv6_cidr_block": "ipv6CidrBlock",
+        "ipv6_pool_id": "ipv6PoolId",
+    },
+)
+class Ipv6PoolSecondaryAddressProps(SecondaryAddressProps):
+    def __init__(
+        self,
+        *,
+        cidr_block_name: builtins.str,
+        ipv6_cidr_block: builtins.str,
+        ipv6_pool_id: builtins.str,
+    ) -> None:
+        '''(experimental) Additional props needed for BYOIP IPv6 address props.
+
+        :param cidr_block_name: (experimental) Required to set Secondary cidr block resource name in order to generate unique logical id for the resource.
+        :param ipv6_cidr_block: (experimental) A valid IPv6 CIDR block from the IPv6 address pool onboarded to AWS using BYOIP. The most specific IPv6 address range that you can bring is /48 for CIDRs that are publicly advertisable and /56 for CIDRs that are not publicly advertisable.
+        :param ipv6_pool_id: (experimental) ID of the IPv6 address pool from which to allocate the IPv6 CIDR block. Note: BYOIP Pool ID is different from the IPAM Pool ID. To onboard your IPv6 address range to your AWS account please refer to the below documentation
+
+        :stability: experimental
+        :exampleMetadata: infused
+
+        Example::
+
+            my_vpc = VpcV2(self, "Vpc",
+                primary_address_block=IpAddresses.ipv4("10.1.0.0/16"),
+                secondary_address_blocks=[IpAddresses.ipv6_byoip_pool(
+                    cidr_block_name="MyByoipCidrBlock",
+                    ipv6_pool_id="ipv6pool-ec2-someHashValue",
+                    ipv6_cidr_block="2001:db8::/32"
+                )],
+                enable_dns_hostnames=True,
+                enable_dns_support=True
+            )
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__fe24765d3db4942e3a01304186ffb0bfd8bd3a825440b594d0126aa9ae100ef7)
+            check_type(argname="argument cidr_block_name", value=cidr_block_name, expected_type=type_hints["cidr_block_name"])
+            check_type(argname="argument ipv6_cidr_block", value=ipv6_cidr_block, expected_type=type_hints["ipv6_cidr_block"])
+            check_type(argname="argument ipv6_pool_id", value=ipv6_pool_id, expected_type=type_hints["ipv6_pool_id"])
+        self._values: typing.Dict[builtins.str, typing.Any] = {
+            "cidr_block_name": cidr_block_name,
+            "ipv6_cidr_block": ipv6_cidr_block,
+            "ipv6_pool_id": ipv6_pool_id,
+        }
+
+    @builtins.property
+    def cidr_block_name(self) -> builtins.str:
+        '''(experimental) Required to set Secondary cidr block resource name in order to generate unique logical id for the resource.
+
+        :stability: experimental
+        '''
+        result = self._values.get("cidr_block_name")
+        assert result is not None, "Required property 'cidr_block_name' is missing"
+        return typing.cast(builtins.str, result)
+
+    @builtins.property
+    def ipv6_cidr_block(self) -> builtins.str:
+        '''(experimental) A valid IPv6 CIDR block from the IPv6 address pool onboarded to AWS using BYOIP.
+
+        The most specific IPv6 address range that you can bring is /48 for CIDRs that are publicly advertisable
+        and /56 for CIDRs that are not publicly advertisable.
+
+        :see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-definitions
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_cidr_block")
+        assert result is not None, "Required property 'ipv6_cidr_block' is missing"
+        return typing.cast(builtins.str, result)
+
+    @builtins.property
+    def ipv6_pool_id(self) -> builtins.str:
+        '''(experimental) ID of the IPv6 address pool from which to allocate the IPv6 CIDR block.
+
+        Note: BYOIP Pool ID is different from the IPAM Pool ID.
+        To onboard your IPv6 address range to your AWS account please refer to the below documentation
+
+        :see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/byoip-onboard.html
+        :stability: experimental
+        '''
+        result = self._values.get("ipv6_pool_id")
+        assert result is not None, "Required property 'ipv6_pool_id' is missing"
+        return typing.cast(builtins.str, result)
+
+    def __eq__(self, rhs: typing.Any) -> builtins.bool:
+        return isinstance(rhs, self.__class__) and rhs._values == self._values
+
+    def __ne__(self, rhs: typing.Any) -> builtins.bool:
+        return not (rhs == self)
+
+    def __repr__(self) -> str:
+        return "Ipv6PoolSecondaryAddressProps(%s)" % ", ".join(
+            k + "=" + repr(v) for k, v in self._values.items()
+        )
+
+
 class VpcV2(
     VpcV2Base,
     metaclass=jsii.JSIIMeta,
@@ -7815,6 +8083,7 @@ __all__ = [
     "IpamProps",
     "IpamScopeOptions",
     "IpamScopeType",
+    "Ipv6PoolSecondaryAddressProps",
     "NatConnectivityType",
     "NatGateway",
     "NatGatewayOptions",
@@ -8191,8 +8460,10 @@ def _typecheckingstub__4302f03d1c3aa687fb9a6d3011f239c94d844badf36d9d2e8270a543f
     ipv4_ipam_pool_id: typing.Optional[builtins.str] = None,
     ipv4_ipam_provisioned_cidrs: typing.Optional[typing.Sequence[builtins.str]] = None,
     ipv4_netmask_length: typing.Optional[jsii.Number] = None,
+    ipv6_cidr_block: typing.Optional[builtins.str] = None,
     ipv6_ipam_pool_id: typing.Optional[builtins.str] = None,
     ipv6_netmask_length: typing.Optional[jsii.Number] = None,
+    ipv6_pool: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -8271,8 +8542,10 @@ def _typecheckingstub__dc5a774224468f268ba34d837f3aec361583306c8694ae77cdb19bb4c
     ipv4_ipam_pool: typing.Optional[IIpamPool] = None,
     ipv4_ipam_provisioned_cidrs: typing.Optional[typing.Sequence[builtins.str]] = None,
     ipv4_netmask_length: typing.Optional[jsii.Number] = None,
+    ipv6_cidr_block: typing.Optional[builtins.str] = None,
     ipv6_ipam_pool: typing.Optional[IIpamPool] = None,
     ipv6_netmask_length: typing.Optional[jsii.Number] = None,
+    ipv6_pool_id: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -8416,6 +8689,15 @@ def _typecheckingstub__8ff67e43de6a050a1b2238939edd2b432686ecfc1a3e2758af2b92732
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__fe24765d3db4942e3a01304186ffb0bfd8bd3a825440b594d0126aa9ae100ef7(
+    *,
+    cidr_block_name: builtins.str,
+    ipv6_cidr_block: builtins.str,
+    ipv6_pool_id: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__43890f4b3ccf690abe4140abf07c3436fde6604bac35ff6b2e8fe5da2a20b481(
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,

aws_cdk/aws_ec2_alpha/_jsii/__init__.py

@@ -33,9 +33,9 @@ import constructs._jsii
 
 __jsii_assembly__ = jsii.JSIIAssembly.load(
     "@aws-cdk/aws-ec2-alpha",
-    "2.175.1-alpha.0",
+    "2.177.0-alpha.0",
     __name__[0:-6],
-    "aws-ec2-alpha@2.175.1-alpha.0.jsii.tgz",
+    "aws-ec2-alpha@2.177.0-alpha.0.jsii.tgz",
 )
 
 __all__ = [

{aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info → aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: aws-cdk.aws-ec2-alpha
-Version: 2.175.1a0
+Version: 2.177.0a0
 Summary: The CDK construct library for VPC V2
 Home-page: https://github.com/aws/aws-cdk
 Author: Amazon Web Services
@@ -23,9 +23,9 @@ Requires-Python: ~=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
 License-File: NOTICE
-Requires-Dist: aws-cdk-lib<3.0.0,>=2.175.1
+Requires-Dist: aws-cdk-lib<3.0.0,>=2.177.0
 Requires-Dist: constructs<11.0.0,>=10.0.0
-Requires-Dist: jsii<2.0.0,>=1.104.0
+Requires-Dist: jsii<2.0.0,>=1.106.0
 Requires-Dist: publication>=0.0.3
 Requires-Dist: typeguard<4.3.0,>=2.13.3
 
@@ -131,6 +131,39 @@ VpcV2(self, "Vpc",
 
 Since `VpcV2` does not create subnets automatically, users have full control over IP addresses allocation across subnets.
 
+### Bring your own IPv6 addresses (BYOIP)
+
+If you have your own IP address that you would like to use with EC2, you can set up an IPv6 pool via the AWS CLI, and use that pool ID in your application.
+
+Once you have certified your IP address block with an ROA and have obtained an X-509 certificate, you can run the following command to provision your CIDR block in your AWS account:
+
+```shell
+aws ec2 provision-byoip-cidr --region <region> --cidr <your CIDR block> --cidr-authorization-context Message="1|aws|<account>|<your CIDR block>|<expiration date>|SHA256".Signature="<signature>"
+```
+
+When your BYOIP CIDR is provisioned, you can run the following command to retrieve your IPv6 pool ID, which will be used in your VPC declaration:
+
+```shell
+aws ec2 describe-byoip-cidr --region <region>
+```
+
+For more help on setting up your IPv6 address, please review the [EC2 Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html).
+
+Once you have provisioned your address block, you can use the IPv6 in your VPC as follows:
+
+```python
+my_vpc = VpcV2(self, "Vpc",
+    primary_address_block=IpAddresses.ipv4("10.1.0.0/16"),
+    secondary_address_blocks=[IpAddresses.ipv6_byoip_pool(
+        cidr_block_name="MyByoipCidrBlock",
+        ipv6_pool_id="ipv6pool-ec2-someHashValue",
+        ipv6_cidr_block="2001:db8::/32"
+    )],
+    enable_dns_hostnames=True,
+    enable_dns_support=True
+)
+```
+
 ## Routing
 
 `RouteTable` is a new construct that allows for route tables to be customized in a variety of ways. For instance, the following example shows how a custom route table can be created and appended to a subnet:
@@ -327,7 +360,7 @@ acceptor_vpc = VpcV2(self, "VpcA",
 acceptor_role_arn = acceptor_vpc.create_acceptor_vpc_role("000000000000")
 ```
 
-After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import accpeptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well.
+After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import acceptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well.
 The following code snippet demonstrates how to set up VPC peering between two VPCs in different AWS accounts using CDK:
 
 ```python
@@ -483,11 +516,11 @@ For more information, see [What is AWS Site-to-Site VPN?](https://docs.aws.amazo
 
 VPN route propagation is a feature in Amazon Web Services (AWS) that automatically updates route tables in your Virtual Private Cloud (VPC) with routes learned from a VPN connection.
 
-To enable VPN route propogation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs.
+To enable VPN route propagation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs.
 
 Additionally, you can set up a route in any route table with the target set to the VPN Gateway. The function `enableVpnGatewayV2` returns a `VPNGatewayV2` object that you can reference later.
 
-The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropogation` enabled:
+The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropagation` enabled:
 
 ```python
 stack = Stack()
@@ -515,7 +548,7 @@ An internet gateway is a horizontally scaled, redundant, and highly available VP
 For more information, see [Enable VPC internet access using internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html).
 
 You can add an internet gateway to a VPC using `addInternetGateway` method. By default, this method creates a route in all Public Subnets with outbound destination set to `0.0.0.0` for IPv4 and `::0` for IPv6 enabled VPC.
-Instead of using the default settings, you can configure a custom destinatation range by providing an optional input `destination` to the method.
+Instead of using the default settings, you can configure a custom destination range by providing an optional input `destination` to the method.
 
 The code example below shows how to add an internet gateway with a custom outbound destination IP range:
 
@@ -558,12 +591,12 @@ imported_vpc = VpcV2.from_vpc_v2_attributes(stack, "ImportedVpc",
 
 In case of cross account or cross region VPC, its recommended to provide region and ownerAccountId so that these values for the VPC can be used to populate correct arn value for the VPC. If a VPC region and account ID is not provided, then region and account configured in the stack will be used. Furthermore, these fields will be referenced later while setting up VPC peering connection, so its necessary to set these fields to a correct value.
 
-Below is an example of importing a cross region and cross acount VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID'
+Below is an example of importing a cross region and cross account VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID'
 
 ```python
 stack = Stack()
 
-# Importing a cross acount or cross region VPC
+# Importing a cross account or cross region VPC
 imported_vpc = VpcV2.from_vpc_v2_attributes(stack, "ImportedVpc",
     vpc_id="mockVpcID",
     vpc_cidr_block="10.0.0.0/16",

aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/RECORD

@@ -0,0 +1,10 @@
+aws_cdk/aws_ec2_alpha/__init__.py,sha256=v9ELcwCVBmqkC7GL-4hHqFRXHdfdAzUf9Rbk1PRrh1k,379812
+aws_cdk/aws_ec2_alpha/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
+aws_cdk/aws_ec2_alpha/_jsii/__init__.py,sha256=Eax1Hbu1ZjDx6rJGBkoK9FJBnn5bMvsjwz8-rwMdX6M,1479
+aws_cdk/aws_ec2_alpha/_jsii/aws-ec2-alpha@2.177.0-alpha.0.jsii.tgz,sha256=7qzTZSM9123VfwKDFua1IhKy0HOODbWvmqJ3ZZVvWz0,188138
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/LICENSE,sha256=y47tc38H0C4DpGljYUZDl8XxidQjNxxGLq-K4jwv6Xc,11391
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/METADATA,sha256=T9d0VkioXyuGztwTI3AvxVb8z8TCUSr3jn1BoLk4Q0A,27282
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/NOTICE,sha256=ZDV6_xBfMvhFtjjBh_f6lJjhZ2AEWWAGGkx2kLKHiuc,113
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/WHEEL,sha256=tZoeGjtWxWRfdplE7E3d45VPlLNQnvbKiYnx7gwAy8A,92
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/top_level.txt,sha256=1TALAKbuUGsMSrfKWEf268lySCmcqSEO6cDYe_XlLHM,8
+aws_cdk.aws_ec2_alpha-2.177.0a0.dist-info/RECORD,,

aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/RECORD

@@ -1,10 +0,0 @@
-aws_cdk/aws_ec2_alpha/__init__.py,sha256=J6gjyyTlgwI9LWD9SfFnODSCIS8eh3xKSorOpPPt5vI,366855
-aws_cdk/aws_ec2_alpha/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
-aws_cdk/aws_ec2_alpha/_jsii/__init__.py,sha256=detGWV9fXbNOeSDBSrDahLBO_1wp7-r_gnFhip0Ld2w,1479
-aws_cdk/aws_ec2_alpha/_jsii/aws-ec2-alpha@2.175.1-alpha.0.jsii.tgz,sha256=GPLnW3YJL5iECcKWJaxhZqERkNnvZVb3sPUnJiF2SC0,182206
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/LICENSE,sha256=y47tc38H0C4DpGljYUZDl8XxidQjNxxGLq-K4jwv6Xc,11391
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/METADATA,sha256=ROrIXu-XBjzlME3gdMWS7xM7omheXCpAeKolUW_rpNA,25873
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/NOTICE,sha256=ZDV6_xBfMvhFtjjBh_f6lJjhZ2AEWWAGGkx2kLKHiuc,113
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/WHEEL,sha256=tZoeGjtWxWRfdplE7E3d45VPlLNQnvbKiYnx7gwAy8A,92
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/top_level.txt,sha256=1TALAKbuUGsMSrfKWEf268lySCmcqSEO6cDYe_XlLHM,8
-aws_cdk.aws_ec2_alpha-2.175.1a0.dist-info/RECORD,,