Class: Aws::FMS::Types::NetworkAclEntry
- Inherits:
- 
      Struct
      
        - Object
- Struct
- Aws::FMS::Types::NetworkAclEntry
 
- Defined in:
- gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb
Overview
Describes a rule in a network ACL.
Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the network ACL, Amazon Web Services processes the entries in the network ACL according to the rule numbers, in ascending order.
When you manage an individual network ACL, you explicitly specify the rule numbers. When you specify the network ACL rules in a Firewall Manager policy, you provide the rules to run first, in the order that you want them to run, and the rules to run last, in the order that you want them to run. Firewall Manager assigns the rule numbers for you when you save the network ACL policy specification.
Constant Summary collapse
- SENSITIVE =
- [] 
Instance Attribute Summary collapse
- 
  
    
      #cidr_block  ⇒ String 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The IPv4 network range to allow or deny, in CIDR notation. 
- 
  
    
      #egress  ⇒ Boolean 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). 
- 
  
    
      #icmp_type_code  ⇒ Types::NetworkAclIcmpTypeCode 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    ICMP protocol: The ICMP type and code. 
- 
  
    
      #ipv_6_cidr_block  ⇒ String 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The IPv6 network range to allow or deny, in CIDR notation. 
- 
  
    
      #port_range  ⇒ Types::NetworkAclPortRange 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    TCP or UDP protocols: The range of ports the rule applies to. 
- 
  
    
      #protocol  ⇒ String 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The protocol number. 
- 
  
    
      #rule_action  ⇒ String 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    Indicates whether to allow or deny the traffic that matches the rule. 
Instance Attribute Details
#cidr_block ⇒ String
The IPv4 network range to allow or deny, in CIDR notation.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#egress ⇒ Boolean
Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#icmp_type_code ⇒ Types::NetworkAclIcmpTypeCode
ICMP protocol: The ICMP type and code.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#ipv_6_cidr_block ⇒ String
The IPv6 network range to allow or deny, in CIDR notation.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#port_range ⇒ Types::NetworkAclPortRange
TCP or UDP protocols: The range of ports the rule applies to.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#protocol ⇒ String
The protocol number. A value of "-1" means all protocols.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end | 
#rule_action ⇒ String
Indicates whether to allow or deny the traffic that matches the rule.
| 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 | # File 'gems/aws-sdk-fms/lib/aws-sdk-fms/types.rb', line 2649 class NetworkAclEntry < Struct.new( :icmp_type_code, :protocol, :port_range, :cidr_block, :ipv_6_cidr_block, :rule_action, :egress) SENSITIVE = [] include Aws::Structure end |