Readonly ami: AMI ID for the instance OS and software. AMI root volumes must be listed in blockDevices to ensure encryption.
Use cases: OS selection; Golden image deployment
AWS: EC2 ImageId
Validation: Required; valid AMI ID (ami-...)
Readonly availability: Availability zone for instance placement (e.g. us-east-1a).
Use cases: AZ-specific placement; HA architecture
AWS: EC2 AvailabilityZone
Validation: Required; valid AZ string
Readonly block: EBS block device configurations. Must include the AMI root volume deviceName to ensure it is encrypted.
Use cases: Root volume encryption; Additional data volumes
AWS: EC2 BlockDeviceMappings
Validation: Required; array of BlockDeviceProps
Optional Readonly creation: Maximum time to wait for creation signals (ISO 8601 duration, e.g. PT25M).
Use cases: Long-running init timeout; Deployment time control
AWS: CloudFormation CreationPolicy ResourceSignal Timeout
Validation: Optional; ISO 8601 duration string
Optional Readonly existing: Name of a pre-existing EC2 key pair (created outside this config).
Use cases: Reuse existing SSH key pairs; External key management
AWS: EC2 KeyName
Validation: Optional; key pair must exist in the region
Optional Readonly init: Inline CloudFormation Init configuration for this instance. Alternative to referencing a named init via initName.
Use cases: Instance-specific bootstrap; One-off init configs
AWS: CloudFormation::Init
Validation: Optional; valid InitProps
Optional Readonly init: Name of a CloudFormation Init configuration from the cfnInit section.
Use cases: Shared init config reuse across instances
AWS: CloudFormation::Init
Validation: Optional; must match a key in the cfnInit config section
Optional Readonly init: Options controlling CloudFormation Init execution for this instance.
Use cases: Config set selection; Init timeout tuning; Debug mode
AWS: ApplyCloudFormationInitOptions
Validation: Optional; valid InitOptionsProps
Readonly instance: IAM role used as the instance profile. Supports arn, name, or id references.
Use cases: Instance service access; Least-privilege compute permissions
AWS: EC2 IamInstanceProfile
Validation: Required; valid MdaaRoleRef
Readonly instance: EC2 instance type (e.g. t3.medium, m5.large).
Use cases: Compute capacity sizing; Cost optimization
AWS: EC2 InstanceType
Validation: Required; valid EC2 instance type string
Optional Readonly key: Name of a key pair from the keyPairs section of this config for SSH access.
Use cases: Project-managed SSH key pair reference
AWS: EC2 KeyName
Validation: Optional; must match a key in the keyPairs config section
Optional Readonly kms: KMS key ARN for EBS volume encryption. If omitted, the module's KMS CMK is used.
Use cases: Bring-your-own-key EBS encryption; Compliance-specific key management
AWS: KMS key for EBS encryption
Validation: Optional; valid KMS key ARN
Readonly os: Operating system type. Affects user data script handling and cfn-init behavior.
Use cases: OS-specific bootstrap; Platform-appropriate configuration
AWS: EC2 instance OS type
Validation: Required; "linux" | "windows" | "unknown"
Optional Readonly security: Name of a security group from the securityGroups section of this config. Mutually exclusive with securityGroupId.
Use cases: Reference project-managed security groups by name
AWS: EC2 instance security group association
Validation: Optional; must match a key in the securityGroups config section
Optional Readonly security: ID of an existing security group created outside this config. Mutually exclusive with securityGroup.
Use cases: Reuse pre-existing VPC security groups
AWS: EC2 instance security group association
Validation: Optional; valid security group ID (sg-...)
Optional Readonly signal: Number of success signals required before CloudFormation considers the instance creation complete.
Use cases: Multi-step init validation; Deployment gate
AWS: CloudFormation CreationPolicy ResourceSignal Count
Validation: Optional; positive integer
Optional Readonly source: When false, disables source/destination checking to allow NAT or routing.
Use cases: NAT instance; Custom routing; Network appliance
AWS: EC2 SourceDestCheck
Validation: Optional; boolean
Readonly subnet: Subnet for instance placement within the VPC.
Use cases: AZ targeting; Network segmentation
AWS: EC2 instance SubnetId
Validation: Required; valid subnet ID
Optional Readonly user: Whether user data changes force instance replacement.
Use cases: Immutable deployments; In-place update control
AWS: CloudFormation UpdateReplacePolicy behavior
Validation: Optional; boolean
Optional Readonly user: Path to a user data script relative to this config file. Shell script for Linux (.sh), PowerShell for Windows (.ps1).
Use cases: Custom bootstrap scripts; Instance initialization
AWS: EC2 UserData
Validation: Optional; valid file path
Readonly vpc: VPC where the instance will be deployed.
Use cases: VPC-scoped instance placement; Network isolation
AWS: EC2 instance VPC
Validation: Required; valid VPC ID
EC2 instance configuration. Instances have termination protection enabled and are retained post stack deletion. EBS volumes are encrypted with the module KMS CMK unless a custom kmsKeyArn is specified.
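A pre-deployment lint for the rules stated above (AMI root device listed in blockDevices, security group references mutually exclusive, ID and ARN shapes), as an added example that is not MDAA's own code. `amiId`, `InstanceConfig`, `lintInstance` and the `rootDeviceName` argument are assumed names, and the sample configs are constructed.

```typescript
// Added example, not MDAA code. All sample values are constructed.
interface BlockDevice { deviceName: string }
interface InstanceConfig {
  amiId?: string; // assumed name: the page shows this property only as "ami"
  blockDevices?: BlockDevice[];
  securityGroup?: string;
  securityGroupId?: string;
  kmsKeyArn?: string;
}

const EC2_ID = (prefix: string) => new RegExp(`^${prefix}-(?:[0-9a-f]{8}|[0-9a-f]{17})$`);
const KMS_KEY_ARN = /^arn:aws[a-z-]*:kms:[a-z0-9-]+:\d{12}:key\/[0-9a-zA-Z-]+$/;

// rootDeviceName: the AMI's root device as reported by EC2 DescribeImages
// (RootDeviceName), passed in by the caller so the check runs offline.
function lintInstance(cfg: InstanceConfig, rootDeviceName: string): string[] {
  const findings: string[] = [];
  if (!cfg.amiId || !EC2_ID("ami").test(cfg.amiId)) {
    findings.push("amiId: required, must look like ami-...");
  }
  const devices = cfg.blockDevices ?? [];
  if (!devices.some((d) => d.deviceName === rootDeviceName)) {
    findings.push(`blockDevices: root device ${rootDeviceName} is not listed, so its encryption is not ensured`);
  }
  if (cfg.securityGroup !== undefined && cfg.securityGroupId !== undefined) {
    findings.push("securityGroup and securityGroupId are mutually exclusive");
  }
  if (cfg.securityGroupId !== undefined && !EC2_ID("sg").test(cfg.securityGroupId)) {
    findings.push("securityGroupId: must look like sg-...");
  }
  if (cfg.kmsKeyArn !== undefined && !KMS_KEY_ARN.test(cfg.kmsKeyArn)) {
    findings.push("kmsKeyArn: not a KMS key ARN");
  }
  return findings;
}

// Constructed configs: the first lists the root device, the second only a data volume.
const goodCfg: InstanceConfig = {
  amiId: "ami-0123456789abcdef0",
  blockDevices: [{ deviceName: "/dev/xvda" }, { deviceName: "/dev/sdf" }],
  securityGroupId: "sg-0123456789abcdef0",
};
const badCfg: InstanceConfig = {
  amiId: "ami-0123456789abcdef0",
  blockDevices: [{ deviceName: "/dev/sdf" }],
  securityGroup: "app-sg", securityGroupId: "sg-12345",
  kmsKeyArn: "arn:aws:s3:::bucket",
};
console.log(lintInstance(goodCfg, "/dev/xvda"), lintInstance(badCfg, "/dev/xvda"));
```

The root device name differs between AMIs, so the value passed as `rootDeviceName` should come from the AMI actually referenced by the config rather than a fixed default.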