Class CfnNetworkAclEntry
A CloudFormation AWS::EC2::NetworkAclEntry
.
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.AWS.EC2.dll
Syntax (csharp)
public class CfnNetworkAclEntry : CfnResource, IConstruct, IDependable, IInspectable
Syntax (vb)
Public Class CfnNetworkAclEntry
Inherits CfnResource
Implements IConstruct, IDependable, IInspectable
Remarks
Specifies an entry, known as a rule, in a network ACL with a rule number you specify. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules.
For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
CloudformationResource: AWS::EC2::NetworkAclEntry
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EC2;
var cfnNetworkAclEntry = new CfnNetworkAclEntry(this, "MyCfnNetworkAclEntry", new CfnNetworkAclEntryProps {
NetworkAclId = "networkAclId",
Protocol = 123,
RuleAction = "ruleAction",
RuleNumber = 123,
// the properties below are optional
CidrBlock = "cidrBlock",
Egress = false,
Icmp = new IcmpProperty {
Code = 123,
Type = 123
},
Ipv6CidrBlock = "ipv6CidrBlock",
PortRange = new PortRangeProperty {
From = 123,
To = 123
}
});
Synopsis
Constructors
CfnNetworkAclEntry(Construct, String, ICfnNetworkAclEntryProps) | Create a new |
CfnNetworkAclEntry(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnNetworkAclEntry(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
AttrId | The ID of the network ACL entry. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
CidrBlock | The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the |
Egress | Whether this rule applies to egress traffic from the subnet ( |
Icmp | The Internet Control Message Protocol (ICMP) code and type. |
Ipv6CidrBlock | The IPv6 network range to allow or deny, in CIDR notation. |
NetworkAclId | The ID of the ACL for the entry. |
PortRange | The range of port numbers for the UDP/TCP protocol. |
Protocol | The IP protocol that the rule applies to. |
RuleAction | Whether to allow or deny traffic that matches the rule; |
RuleNumber | Rule number to assign to the entry, such as 100. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnNetworkAclEntry(Construct, String, ICfnNetworkAclEntryProps)
Create a new AWS::EC2::NetworkAclEntry
.
public CfnNetworkAclEntry(Construct scope, string id, ICfnNetworkAclEntryProps props)
Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnNetworkAclEntryProps
- resource properties.
CfnNetworkAclEntry(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnNetworkAclEntry(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnNetworkAclEntry(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnNetworkAclEntry(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AttrId
The ID of the network ACL entry.
public virtual string AttrId { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Id
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
CidrBlock
The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the CidrBlock
or Ipv6CidrBlock
property.
public virtual string CidrBlock { get; set; }
Property Value
System.String
Remarks
Egress
Whether this rule applies to egress traffic from the subnet ( true
) or ingress traffic to the subnet ( false
).
public virtual object Egress { get; set; }
Property Value
System.Object
Remarks
By default, AWS CloudFormation specifies false
.
Icmp
The Internet Control Message Protocol (ICMP) code and type.
public virtual object Icmp { get; set; }
Property Value
System.Object
Remarks
Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.
Ipv6CidrBlock
The IPv6 network range to allow or deny, in CIDR notation.
public virtual string Ipv6CidrBlock { get; set; }
Property Value
System.String
Remarks
Requirement is conditional: You must specify the CidrBlock
or Ipv6CidrBlock
property.
NetworkAclId
The ID of the ACL for the entry.
public virtual string NetworkAclId { get; set; }
Property Value
System.String
Remarks
PortRange
The range of port numbers for the UDP/TCP protocol.
public virtual object PortRange { get; set; }
Property Value
System.Object
Remarks
Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
Protocol
The IP protocol that the rule applies to.
public virtual double Protocol { get; set; }
Property Value
System.Double
Remarks
You must specify -1 or a protocol number. You can specify -1 for all protocols.
If you specify -1, all ports are opened and the PortRange
property is ignored.
RuleAction
Whether to allow or deny traffic that matches the rule;
public virtual string RuleAction { get; set; }
Property Value
System.String
Remarks
valid values are "allow" or "deny".
RuleNumber
Rule number to assign to the entry, such as 100.
public virtual double RuleNumber { get; set; }
Property Value
System.Double
Remarks
ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>