Docs

Overview

Configure the VPC or VNet used by a deployment in each customer environment.

Network configures the VPC or VNet used by a deployment. It covers subnets, NAT, routing, and security groups for services running in a customer environment.

Developers do not instantiate new alien.Network(...) in alien.ts. Network is generated from deployment stack settings when the deployment needs cloud networking.

Platform Mapping

PlatformBacking Infrastructure
AWSVPC, subnets, route tables, Internet Gateway, NAT Gateway, security group
GCPVPC network, subnetwork, Cloud Router, Cloud NAT, firewall rule
AzureVNet, public/private subnets, NAT Gateway, Public IP, Network Security Group
Kubernetes / On-PremExternal cluster networking

When to Configure Network

Configure Network when the customer environment has specific networking requirements:

  • use an isolated VPC/VNet instead of a provider default network
  • bring an existing customer-managed VPC/VNet
  • choose a CIDR block
  • control how private services get outbound internet access
  • attach public ingress resources to known public subnets

If no network settings are provided and the stack needs networking, Alien creates the default network shape required by the platform.

Modes

ModeUse ForOwnership
createProduction deployments that should have an Alien-managed isolated networkAlien creates and deletes the network infrastructure.
use-defaultFast dev/test deploymentsAlien uses provider defaults where available.
byo-vpc-awsExisting AWS VPCCustomer owns routing, egress, subnets, and security posture.
byo-vpc-gcpExisting GCP VPCCustomer owns routing, egress, subnet, and firewall posture.
byo-vnet-azureExisting Azure VNetCustomer owns routing, egress, subnets, and NSG posture.

Example Stack Settings

Network settings are supplied with deployment configuration or generated setup files, not in the resource builder.

stack-settings.json
{
  "network": {
    "type": "create",
    "cidr": "100.88.0.0/16",
    "availability_zones": 2
  }
}
alien render --format terraform --target aws \
  --stack ./alien.ts \
  --stack-settings ./stack-settings.json

Bring Your Own Network

aws-stack-settings.json
{
  "network": {
    "type": "byo-vpc-aws",
    "vpc_id": "vpc-0123456789abcdef0",
    "public_subnet_ids": ["subnet-public-a", "subnet-public-b"],
    "private_subnet_ids": ["subnet-private-a", "subnet-private-b"],
    "security_group_ids": ["sg-0123456789abcdef0"]
  }
}

BYO modes validate and reference existing infrastructure. Alien does not create or delete the network itself.

See API Reference for all settings and Behavior & Limits for platform-specific behavior.

Wait Until

Extend a worker's lifetime to run background work after the response is sent.

API Reference

StackSettings.network modes and fields for Alien Network.

On this page

Platform MappingWhen to Configure NetworkModesExample Stack SettingsBring Your Own Network