Interface CfnPolicy.NetworkAclEntryProperty

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
CfnPolicy.NetworkAclEntryProperty.Jsii$Proxy
Enclosing class:
CfnPolicy

@Stability(Stable) public static interface CfnPolicy.NetworkAclEntryProperty extends software.amazon.jsii.JsiiSerializable
Describes a rule in a network ACL.

Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the network ACL, AWS processes the entries in the network ACL according to the rule numbers, in ascending order.

When you manage an individual network ACL, you explicitly specify the rule numbers. When you specify the network ACL rules in a Firewall Manager policy, you provide the rules to run first, in the order that you want them to run, and the rules to run last, in the order that you want them to run. Firewall Manager assigns the rule numbers for you when you save the network ACL policy specification.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
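 import software.amazon.awscdk.services.fms.*;
 // Nested types (NetworkAclEntryProperty, IcmpTypeCodeProperty, PortRangeProperty) need their own import.
 import software.amazon.awscdk.services.fms.CfnPolicy.*;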
 NetworkAclEntryProperty networkAclEntryProperty = NetworkAclEntryProperty.builder()
         .egress(false)
         .protocol("protocol")
         .ruleAction("ruleAction")
         // the properties below are optional
         .cidrBlock("cidrBlock")
         .icmpTypeCode(IcmpTypeCodeProperty.builder()
                 .code(123)
                 .type(123)
                 .build())
         .ipv6CidrBlock("ipv6CidrBlock")
         .portRange(PortRangeProperty.builder()
                 .from(123)
                 .to(123)
                 .build())
         .build();
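
The following is an added example, not part of the generated CDK documentation: it fills the placeholders with concrete values and groups entries into "run first" and "run last" lists as described above. The class name, ports and CIDR blocks are constructed for illustration, and it assumes the sibling type `CfnPolicy.NetworkAclEntrySetProperty`, which is not shown on this page.

```java
import java.util.List;
import software.amazon.awscdk.services.fms.CfnPolicy.NetworkAclEntryProperty;
import software.amazon.awscdk.services.fms.CfnPolicy.NetworkAclEntrySetProperty;
import software.amazon.awscdk.services.fms.CfnPolicy.PortRangeProperty;

// Hypothetical helper class; names and values are illustrative only.
public final class BaselineNaclEntries {

    // Inbound deny for a single TCP port from any IPv4 source.
    static NetworkAclEntryProperty denyInboundTcp(int port) {
        return NetworkAclEntryProperty.builder()
                .egress(false)               // false = ingress rule
                .protocol("6")               // protocol number as a string; 6 = TCP
                .ruleAction("deny")          // "allow" or "deny"
                .cidrBlock("0.0.0.0/0")
                .portRange(PortRangeProperty.builder().from(port).to(port).build())
                .build();
    }

    // Catch-all inbound deny for IPv6, meant to be evaluated after every other rule.
    static NetworkAclEntryProperty denyAllInboundIpv6() {
        return NetworkAclEntryProperty.builder()
                .egress(false)
                .protocol("-1")              // -1 = all protocols, so no port range
                .ruleAction("deny")
                .ipv6CidrBlock("::/0")
                .build();
    }

    // List order is evaluation order; Firewall Manager assigns the rule numbers.
    static NetworkAclEntrySetProperty entrySet() {
        return NetworkAclEntrySetProperty.builder()
                // Run first: these are evaluated before any rule that follows,
                // so a later allow for the same traffic never takes effect.
                .firstEntries(List.of(denyInboundTcp(22), denyInboundTcp(3389)))
                .forceRemediateForFirstEntries(false)
                // Run last: only reached by packets no earlier rule matched.
                .lastEntries(List.of(denyAllInboundIpv6()))
                .forceRemediateForLastEntries(false)
                .build();
    }
}
```

Because entries are evaluated in ascending rule-number order, review the first list for denies that could block required traffic and the last list for rules that an earlier allow would make unreachable.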
 

See Also: