Skip to content

/AWS1/CL_EC2=>MODIFYVPCBLOCKPUBLICACCOPTS()

About ModifyVpcBlockPublicAccessOptions

Modify VPC Block Public Access (BPA) options. VPC Block Public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see Block public access to VPCs and subnets in the Amazon VPC User Guide.

Method Signature

IMPORTING

Required arguments:

iv_internetgatewayblockmode TYPE /AWS1/EC2INTERNETGWBLOCKMODE /AWS1/EC2INTERNETGWBLOCKMODE

The mode of VPC BPA.

  • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

  • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

  • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

Optional arguments:

iv_dryrun TYPE /AWS1/EC2BOOLEAN /AWS1/EC2BOOLEAN

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

RETURNING

oo_output TYPE REF TO /aws1/cl_ec2modvpcblkpubacco01 /AWS1/CL_EC2MODVPCBLKPUBACCO01

Domain /AWS1/RT_ACCOUNT_ID
Primitive Type NUMC

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->/aws1/if_ec2~modifyvpcblockpublicaccopts(
  iv_dryrun = ABAP_TRUE
  iv_internetgatewayblockmode = |string|
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  lo_vpcblockpublicaccessopt = lo_result->get_vpcblockpublicaccessopts( ).
  IF lo_vpcblockpublicaccessopt IS NOT INITIAL.
    lv_string = lo_vpcblockpublicaccessopt->get_awsaccountid( ).
    lv_string = lo_vpcblockpublicaccessopt->get_awsregion( ).
    lv_vpcblockpublicaccesssta = lo_vpcblockpublicaccessopt->get_state( ).
    lv_internetgatewayblockmod = lo_vpcblockpublicaccessopt->get_internetgatewayblockmode( ).
    lv_string = lo_vpcblockpublicaccessopt->get_reason( ).
    lv_milliseconddatetime = lo_vpcblockpublicaccessopt->get_lastupdatetimestamp( ).
    lv_managedby = lo_vpcblockpublicaccessopt->get_managedby( ).
    lv_vpcblockpublicaccessexc = lo_vpcblockpublicaccessopt->get_exclusionsallowed( ).
  ENDIF.
ENDIF.