Class CfnNetworkAclEntry

java.lang.Object
software.amazon.jsii.JsiiObject
All Implemented Interfaces:
IConstruct, IDependable, IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:38.789Z") @Stability(Stable) public class CfnNetworkAclEntry extends CfnResource implements IInspectable
A CloudFormation AWS::EC2::NetworkAclEntry.

Specifies an entry, known as a rule, in a network ACL with a rule number you specify. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules.

For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnNetworkAclEntry cfnNetworkAclEntry = CfnNetworkAclEntry.Builder.create(this, "MyCfnNetworkAclEntry")
         .networkAclId("networkAclId")
         .protocol(123)
         .ruleAction("ruleAction")
         .ruleNumber(123)
         // the properties below are optional
         .cidrBlock("cidrBlock")
         .egress(false)
         .icmp(IcmpProperty.builder()
                 .code(123)
                 .type(123)
                 .build())
         .ipv6CidrBlock("ipv6CidrBlock")
         .portRange(PortRangeProperty.builder()
                 .from(123)
                 .to(123)
                 .build())
         .build();
 
  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.
  • Constructor Details

    • CfnNetworkAclEntry

      protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)
    • CfnNetworkAclEntry

      protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • CfnNetworkAclEntry

      @Stability(Stable) public CfnNetworkAclEntry(@NotNull Construct scope, @NotNull String id, @NotNull CfnNetworkAclEntryProps props)
      Create a new AWS::EC2::NetworkAclEntry.

      Parameters:
      scope - scope in which this resource is defined. This parameter is required.
      id - scoped id of the resource. This parameter is required.
      props - resource properties. This parameter is required.
  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.
    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.
    • getAttrId

      @Stability(Stable) @NotNull public String getAttrId()
      The ID of the network ACL entry.
    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource
    • getNetworkAclId

      @Stability(Stable) @NotNull public String getNetworkAclId()
      The ID of the ACL for the entry.
    • setNetworkAclId

      @Stability(Stable) public void setNetworkAclId(@NotNull String value)
      The ID of the ACL for the entry.
    • getProtocol

      @Stability(Stable) @NotNull public Number getProtocol()
      The IP protocol that the rule applies to.

      You must specify -1 or a protocol number. You can specify -1 for all protocols.

      If you specify -1, all ports are opened and the PortRange property is ignored.

    • setProtocol

      @Stability(Stable) public void setProtocol(@NotNull Number value)
      The IP protocol that the rule applies to.

      You must specify -1 or a protocol number. You can specify -1 for all protocols.

      If you specify -1, all ports are opened and the PortRange property is ignored.

    • getRuleAction

      @Stability(Stable) @NotNull public String getRuleAction()
      Whether to allow or deny traffic that matches the rule; valid values are "allow" or "deny".

    • setRuleAction

      @Stability(Stable) public void setRuleAction(@NotNull String value)
      Whether to allow or deny traffic that matches the rule; valid values are "allow" or "deny".

    • getRuleNumber

      @Stability(Stable) @NotNull public Number getRuleNumber()
      Rule number to assign to the entry, such as 100.

      ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

    • setRuleNumber

      @Stability(Stable) public void setRuleNumber(@NotNull Number value)
      Rule number to assign to the entry, such as 100.

      ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

    • getCidrBlock

      @Stability(Stable) @Nullable public String getCidrBlock()
      The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.
    • setCidrBlock

      @Stability(Stable) public void setCidrBlock(@Nullable String value)
      The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.
    • getEgress

      @Stability(Stable) @Nullable public Object getEgress()
      Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).

      By default, AWS CloudFormation specifies false.

    • setEgress

      @Stability(Stable) public void setEgress(@Nullable Boolean value)
      Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).

      By default, AWS CloudFormation specifies false.

    • setEgress

      @Stability(Stable) public void setEgress(@Nullable IResolvable value)
      Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).

      By default, AWS CloudFormation specifies false.

    • getIcmp

      @Stability(Stable) @Nullable public Object getIcmp()
      The Internet Control Message Protocol (ICMP) code and type.

      Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

    • setIcmp

      @Stability(Stable) public void setIcmp(@Nullable IResolvable value)
      The Internet Control Message Protocol (ICMP) code and type.

      Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

    • setIcmp

      @Stability(Stable) public void setIcmp(@Nullable CfnNetworkAclEntry.IcmpProperty value)
      The Internet Control Message Protocol (ICMP) code and type.

      Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

    • getIpv6CidrBlock

      @Stability(Stable) @Nullable public String getIpv6CidrBlock()
      The IPv6 network range to allow or deny, in CIDR notation.

      Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

    • setIpv6CidrBlock

      @Stability(Stable) public void setIpv6CidrBlock(@Nullable String value)
      The IPv6 network range to allow or deny, in CIDR notation.

      Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

    • getPortRange

      @Stability(Stable) @Nullable public Object getPortRange()
      The range of port numbers for the UDP/TCP protocol.

      Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

    • setPortRange

      @Stability(Stable) public void setPortRange(@Nullable IResolvable value)
      The range of port numbers for the UDP/TCP protocol.

      Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

    • setPortRange

      @Stability(Stable) public void setPortRange(@Nullable CfnNetworkAclEntry.PortRangeProperty value)
      The range of port numbers for the UDP/TCP protocol.

      Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
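
An added example (not part of the generated reference and not AWS's own code) showing how the conditional properties described above combine in a least-privilege rule set: a port range for TCP, an ICMP type and code for protocol 1, and the same rule number reused across ingress and egress. The class name `WebSubnetAclRules`, the construct ids and the `203.0.113.0/24` range are constructed for illustration, and the `Construct` import assumes the CDK v1 package layout.

```java
// Assumption: CDK v1 package layout; in CDK v2 import software.constructs.Construct instead.
import software.amazon.awscdk.core.Construct;
import software.amazon.awscdk.services.ec2.CfnNetworkAclEntry;

/** Hypothetical helper that attaches a narrow HTTPS rule set to an existing network ACL. */
public final class WebSubnetAclRules {
    private WebSubnetAclRules() {}

    public static void addHttpsRules(Construct scope, String networkAclId) {
        // Ingress rule 100: TCP (protocol 6) needs a PortRange. Using protocol -1 here
        // would open every port, because PortRange is ignored for -1.
        CfnNetworkAclEntry.Builder.create(scope, "AllowHttpsIn")
                .networkAclId(networkAclId)
                .ruleNumber(100)
                .protocol(6)
                .ruleAction("allow")
                .egress(false)
                .cidrBlock("203.0.113.0/24") // constructed sample range
                .portRange(CfnNetworkAclEntry.PortRangeProperty.builder()
                        .from(443).to(443).build())
                .build();

        // Egress rule 100: the number may repeat because the direction differs.
        // Network ACLs are stateless, so replies to the clients' ephemeral ports
        // need their own egress rule.
        CfnNetworkAclEntry.Builder.create(scope, "AllowHttpsReplyOut")
                .networkAclId(networkAclId)
                .ruleNumber(100)
                .protocol(6)
                .ruleAction("allow")
                .egress(true)
                .cidrBlock("203.0.113.0/24")
                .portRange(CfnNetworkAclEntry.PortRangeProperty.builder()
                        .from(1024).to(65535).build())
                .build();

        // Ingress rule 110: protocol 1 (ICMP) requires the Icmp property.
        // Type 8 / code 0 is an echo request; no other ICMP traffic is admitted.
        CfnNetworkAclEntry.Builder.create(scope, "AllowPingIn")
                .networkAclId(networkAclId)
                .ruleNumber(110)
                .protocol(1)
                .ruleAction("allow")
                .egress(false)
                .cidrBlock("203.0.113.0/24")
                .icmp(CfnNetworkAclEntry.IcmpProperty.builder()
                        .type(8).code(0).build())
                .build();
    }
}
```

Because entries are processed in ascending order by rule number, any "deny" entry meant to carve an exception out of these ranges must be given a number lower than the "allow" entry it overrides.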