Package software.amazon.awscdk.services.ec2

Interface CfnNetworkAclEntryProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
CfnNetworkAclEntryProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:38.793Z") @Stability(Stable) public interface CfnNetworkAclEntryProps extends software.amazon.jsii.JsiiSerializable
Properties for defining a CfnNetworkAclEntry.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnNetworkAclEntryProps cfnNetworkAclEntryProps = CfnNetworkAclEntryProps.builder()
         .networkAclId("networkAclId")
         .protocol(123)
         .ruleAction("ruleAction")
         .ruleNumber(123)
         // the properties below are optional
         .cidrBlock("cidrBlock")
         .egress(false)
         .icmp(IcmpProperty.builder()
                 .code(123)
                 .type(123)
                 .build())
         .ipv6CidrBlock("ipv6CidrBlock")
         .portRange(PortRangeProperty.builder()
                 .from(123)
                 .to(123)
                 .build())
         .build();

  • Method Details

    • getNetworkAclId

      @Stability(Stable) @NotNull String getNetworkAclId()
      The ID of the ACL for the entry.

    • getProtocol

      @Stability(Stable) @NotNull Number getProtocol()
      The IP protocol that the rule applies to.

      You must specify -1 or a protocol number. You can specify -1 for all protocols.

      If you specify -1, all ports are opened and the PortRange property is ignored.

    • getRuleAction

      @Stability(Stable) @NotNull String getRuleAction()
      Whether to allow or deny traffic that matches the rule;

      valid values are "allow" or "deny".

    • getRuleNumber

      @Stability(Stable) @NotNull Number getRuleNumber()
      Rule number to assign to the entry, such as 100.

      ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

    • getCidrBlock

      @Stability(Stable) @Nullable default String getCidrBlock()
      The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

    • getEgress

      @Stability(Stable) @Nullable default Object getEgress()
      Whether this rule applies to egress traffic from the subnet ( true ) or ingress traffic to the subnet ( false ).

      By default, AWS CloudFormation specifies false .

    • getIcmp

      @Stability(Stable) @Nullable default Object getIcmp()
      The Internet Control Message Protocol (ICMP) code and type.

      Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

    • getIpv6CidrBlock

      @Stability(Stable) @Nullable default String getIpv6CidrBlock()
      The IPv6 network range to allow or deny, in CIDR notation.

      Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

    • getPortRange

      @Stability(Stable) @Nullable default Object getPortRange()
      The range of port numbers for the UDP/TCP protocol.

      Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

    • builder

      @Stability(Stable) static CfnNetworkAclEntryProps.Builder builder()
      Returns:
      a CfnNetworkAclEntryProps.Builder of CfnNetworkAclEntryProps