Interface CfnRuleGroup.MatchAttributesProperty
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnRuleGroup.MatchAttributesProperty.Jsii$Proxy
- Enclosing class:
CfnRuleGroup
Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.networkfirewall.*;
MatchAttributesProperty matchAttributesProperty = MatchAttributesProperty.builder()
.destinationPorts(List.of(PortRangeProperty.builder()
.fromPort(123)
.toPort(123)
.build()))
.destinations(List.of(AddressProperty.builder()
.addressDefinition("addressDefinition")
.build()))
.protocols(List.of(123))
.sourcePorts(List.of(PortRangeProperty.builder()
.fromPort(123)
.toPort(123)
.build()))
.sources(List.of(AddressProperty.builder()
.addressDefinition("addressDefinition")
.build()))
.tcpFlags(List.of(TCPFlagFieldProperty.builder()
.flags(List.of("flags"))
// the properties below are optional
.masks(List.of("masks"))
.build()))
.build();
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forCfnRuleGroup.MatchAttributesPropertystatic final classAn implementation forCfnRuleGroup.MatchAttributesProperty -
Method Summary
Modifier and TypeMethodDescriptionbuilder()default ObjectThe destination port to inspect for.default ObjectThe destination IP addresses and address ranges to inspect for, in CIDR notation.default ObjectThe protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol.default ObjectThe source port to inspect for.default ObjectThe source IP addresses and address ranges to inspect for, in CIDR notation.default ObjectThe TCP flags and masks to inspect for.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getDestinationPorts
The destination port to inspect for.You can specify an individual port, for example
1994and you can specify a port range, for example1990:1994. To match with any port, specifyANY.This setting is only used for protocols 6 (TCP) and 17 (UDP).
Returns union: either
IResolvableor Listinvalid input: '<'eitherIResolvableorCfnRuleGroup.PortRangeProperty>- See Also:
-
getDestinations
The destination IP addresses and address ranges to inspect for, in CIDR notation.If not specified, this matches with any destination address.
Returns union: either
IResolvableor Listinvalid input: '<'eitherIResolvableorCfnRuleGroup.AddressProperty>- See Also:
-
getProtocols
The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol.If not specified, this matches with any protocol.
Returns union: either Listinvalid input: '<'
Number> orIResolvable- See Also:
-
getSourcePorts
The source port to inspect for.You can specify an individual port, for example
1994and you can specify a port range, for example1990:1994. To match with any port, specifyANY.If not specified, this matches with any source port.
This setting is only used for protocols 6 (TCP) and 17 (UDP).
Returns union: either
IResolvableor Listinvalid input: '<'eitherIResolvableorCfnRuleGroup.PortRangeProperty>- See Also:
-
getSources
The source IP addresses and address ranges to inspect for, in CIDR notation.If not specified, this matches with any source address.
Returns union: either
IResolvableor Listinvalid input: '<'eitherIResolvableorCfnRuleGroup.AddressProperty>- See Also:
-
getTcpFlags
The TCP flags and masks to inspect for.If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).
Returns union: either
IResolvableor Listinvalid input: '<'eitherIResolvableorCfnRuleGroup.TCPFlagFieldProperty>- See Also:
-
builder
-