CfnNetworkAclEntryMixinProps
- class aws_cdk.mixins_preview.aws_ec2.mixins.CfnNetworkAclEntryMixinProps(*, cidr_block=None, egress=None, icmp=None, ipv6_cidr_block=None, network_acl_id=None, port_range=None, protocol=None, rule_action=None, rule_number=None)
Bases:
objectProperties for CfnNetworkAclEntryPropsMixin.
- Parameters:
cidr_block (
Optional[str]) – The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.egress (
Union[bool,IResolvable,None]) – Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false). By default, AWS CloudFormation specifiesfalse.icmp (
Union[IResolvable,IcmpProperty,Dict[str,Any],None]) – The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.ipv6_cidr_block (
Optional[str]) – The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.network_acl_id (
Optional[str]) – The ID of the ACL for the entry.port_range (
Union[IResolvable,PortRangeProperty,Dict[str,Any],None]) – The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.protocol (
Union[int,float,None]) – The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols. .. epigraph:: If you specify -1, all ports are opened and thePortRangeproperty is ignored.rule_action (
Optional[str]) – Whether to allow or deny traffic that matches the rule; valid values are “allow” or “deny”.rule_number (
Union[int,float,None]) – Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can’t use the same rule number unless one is an egress rule and the other is an ingress rule.
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_ec2 import mixins as ec2_mixins cfn_network_acl_entry_mixin_props = ec2_mixins.CfnNetworkAclEntryMixinProps( cidr_block="cidrBlock", egress=False, icmp=ec2_mixins.CfnNetworkAclEntryPropsMixin.IcmpProperty( code=123, type=123 ), ipv6_cidr_block="ipv6CidrBlock", network_acl_id="networkAclId", port_range=ec2_mixins.CfnNetworkAclEntryPropsMixin.PortRangeProperty( from=123, to=123 ), protocol=123, rule_action="ruleAction", rule_number=123 )
Attributes
- cidr_block
The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.
- egress
Whether this rule applies to egress traffic from the subnet (
true) or ingress traffic to the subnet (false).By default, AWS CloudFormation specifies
false.
- icmp
The Internet Control Message Protocol (ICMP) code and type.
Required if specifying 1 (ICMP) for the protocol parameter.
- ipv6_cidr_block
The IPv6 network range to allow or deny, in CIDR notation.
You must specify an IPv4 CIDR block or an IPv6 CIDR block.
- network_acl_id
The ID of the ACL for the entry.
- port_range
The range of port numbers for the UDP/TCP protocol.
Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
- protocol
The IP protocol that the rule applies to.
You must specify -1 or a protocol number. You can specify -1 for all protocols. .. epigraph:
If you specify -1, all ports are opened and the ``PortRange`` property is ignored.
- rule_action
Whether to allow or deny traffic that matches the rule;
valid values are “allow” or “deny”.
- rule_number
Rule number to assign to the entry, such as 100.
ACL entries are processed in ascending order by rule number. Entries can’t use the same rule number unless one is an egress rule and the other is an ingress rule.