SecurityGroupRuleRequest - Amazon Elastic Compute Cloud

SecurityGroupRuleRequest

Describes a security group rule.

You must specify exactly one of the following parameters, based on the rule type:

  • CidrIpv4

  • CidrIpv6

  • PrefixListId

  • ReferencedGroupId

When you modify a rule, you cannot change the rule type. For example, if the rule uses an IPv4 address range, you must use CidrIpv4 to specify a new IPv4 address range.

Contents

CidrIpv4

The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.

Type: String

Required: No

CidrIpv6

The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.

Type: String

Required: No

Description

The description of the security group rule.

Type: String

Required: No

FromPort

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

Type: Integer

Required: No

IpProtocol

The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).

Use -1 to specify all protocols.

Type: String

Required: No

PrefixListId

The ID of the prefix list.

Type: String

Required: No

ReferencedGroupId

The ID of the security group that is referenced in the security group rule.

Type: String

Required: No

ToPort

The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

Type: Integer

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: