AWS::EC2::IPAMPrefixListResolver IpamPrefixListResolverRuleCondition

Describes a condition within a CIDR selection rule. Conditions define the criteria for selecting CIDRs from IPAM's database based on resource attributes.

CIDR selection rules define the business logic for selecting CIDRs from IPAM. If a CIDR matches any of the rules, it will be included. If a rule has multiple conditions, the CIDR has to match every condition of that rule. You can create a prefix list resolver without any CIDR selection rules, but it will generate empty versions (containing no CIDRs) until you add rules.

There are three rule types. Only 2 of the 3 rule types support conditions - IPAM pool CIDR and Scope resource CIDR. Static CIDR rules cannot have conditions.

Static CIDR: A fixed list of CIDRs that do not change (like a manual list replicated across Regions)
IPAM pool CIDR: CIDRs from specific IPAM pools (like all CIDRs from your IPAM production pool)

If you choose this option, choose the following:
- IPAM scope: Select the IPAM scope to search for resources
- Conditions:
  - Property
    
    IPAM pool ID: Select an IPAM pool that contains the resources
    
    CIDR (like 10.24.34.0/23)
  - Operation: Equals/Not equals
  - Value: The value on which to match the condition
Scope resource CIDR: CIDRs from AWS resources like VPCs, subnets, EIPs within an IPAM scope

If you choose this option, choose the following:
- IPAM scope: Select the IPAM scope to search for resources
- Resource type: Select a resource, like a VPC or subnet.
- Conditions:
  - Property:
    
    Resource ID: The unique ID of a resource (like vpc-1234567890abcdef0)
    
    Resource owner (like 111122223333)
    
    Resource region (like us-east-1)
    
    Resource tag (like key: name, value: dev-vpc-1)
    
    CIDR (like 10.24.34.0/23)
  - Operation: Equals/Not equals
  - Value: The value on which to match the condition

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON


{
  "Cidr" : String,
  "IpamPoolId" : String,
  "Operation" : String,
  "ResourceId" : String,
  "ResourceOwner" : String,
  "ResourceRegion" : String,
  "ResourceTag" : Tag
}

YAML


  Cidr: String
  IpamPoolId: String
  Operation: String
  ResourceId: String
  ResourceOwner: String
  ResourceRegion: String
  ResourceTag: 
    Tag

Properties

Cidr

A CIDR block to match against. This condition selects CIDRs that fall within or match the specified CIDR range.

Required: No

Type: String

Update requires: No interruption

IpamPoolId

The ID of the IPAM pool to match against. This condition selects CIDRs that belong to the specified IPAM pool.

Required: No

Type: String

Update requires: No interruption

Operation

The operation to perform when evaluating this condition. Valid values include equals, not-equals, and subnet-of.

Required: No

Type: String

Allowed values: equals | not-equals | subnet-of

Update requires: No interruption

ResourceId

The ID of the AWS resource to match against. This condition selects CIDRs associated with the specified resource.

Required: No

Type: String

Update requires: No interruption

ResourceOwner

The AWS account ID that owns the resources to match against. This condition selects CIDRs from resources owned by the specified account.

Required: No

Type: String

Update requires: No interruption

ResourceRegion

The AWS Region where the resources are located. This condition selects CIDRs from resources in the specified Region.

Required: No

Type: String

Update requires: No interruption

ResourceTag

A tag key-value pair to match against. This condition selects CIDRs from resources that have the specified tag.

Required: No

Type: Tag

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

IpamPrefixListResolverRule

Tag