software.amazon.awscdk.services.ec2

Class CfnNetworkAclEntry

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.CfnElement

software.amazon.awscdk.core.CfnRefElement

software.amazon.awscdk.core.CfnResource

software.amazon.awscdk.services.ec2.CfnNetworkAclEntry

All Implemented Interfaces:

IConstruct, IDependable, IInspectable

@Generated(value="jsii-pacmak/1.71.0 (build f1f58ae)",
           date="2022-11-18T02:14:09.234Z")
public class CfnNetworkAclEntry
extends CfnResource
implements IInspectable

A CloudFormation `AWS::EC2::NetworkAclEntry`.

Specifies an entry, known as a rule, in a network ACL with a rule number you specify. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules.

For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnNetworkAclEntry cfnNetworkAclEntry = CfnNetworkAclEntry.Builder.create(this, "MyCfnNetworkAclEntry")
         .networkAclId("networkAclId")
         .protocol(123)
         .ruleAction("ruleAction")
         .ruleNumber(123)
         // the properties below are optional
         .cidrBlock("cidrBlock")
         .egress(false)
         .icmp(IcmpProperty.builder()
                 .code(123)
                 .type(123)
                 .build())
         .ipv6CidrBlock("ipv6CidrBlock")
         .portRange(PortRangeProperty.builder()
                 .from(123)
                 .to(123)
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnNetworkAclEntry.Builder A fluent builder for CfnNetworkAclEntry.
static interface	CfnNetworkAclEntry.IcmpProperty Describes the ICMP type and code.
static interface	CfnNetworkAclEntry.PortRangeProperty Describes a range of ports.

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnNetworkAclEntry(Construct scope, java.lang.String id, CfnNetworkAclEntryProps props) Create a new `AWS::EC2::NetworkAclEntry`.
protected	CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
java.lang.String	getAttrId() The ID of the network ACL entry.
protected java.util.Map<java.lang.String,java.lang.Object>	getCfnProperties()
java.lang.String	getCidrBlock() The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24).
java.lang.Object	getEgress() Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
java.lang.Object	getIcmp() The Internet Control Message Protocol (ICMP) code and type.
java.lang.String	getIpv6CidrBlock() The IPv6 network range to allow or deny, in CIDR notation.
java.lang.String	getNetworkAclId() The ID of the ACL for the entry.
java.lang.Object	getPortRange() The range of port numbers for the UDP/TCP protocol.
java.lang.Number	getProtocol() The IP protocol that the rule applies to.
java.lang.String	getRuleAction() Whether to allow or deny traffic that matches the rule;
java.lang.Number	getRuleNumber() Rule number to assign to the entry, such as 100.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected java.util.Map<java.lang.String,java.lang.Object>	renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
void	setCidrBlock(java.lang.String value) The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24).
void	setEgress(java.lang.Boolean value) Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
void	setEgress(IResolvable value) Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
void	setIcmp(CfnNetworkAclEntry.IcmpProperty value) The Internet Control Message Protocol (ICMP) code and type.
void	setIcmp(IResolvable value) The Internet Control Message Protocol (ICMP) code and type.
void	setIpv6CidrBlock(java.lang.String value) The IPv6 network range to allow or deny, in CIDR notation.
void	setNetworkAclId(java.lang.String value) The ID of the ACL for the entry.
void	setPortRange(CfnNetworkAclEntry.PortRangeProperty value) The range of port numbers for the UDP/TCP protocol.
void	setPortRange(IResolvable value) The range of port numbers for the UDP/TCP protocol.
void	setProtocol(java.lang.Number value) The IP protocol that the rule applies to.
void	setRuleAction(java.lang.String value) Whether to allow or deny traffic that matches the rule;
void	setRuleNumber(java.lang.Number value) Rule number to assign to the entry, such as 100.

Methods inherited from class software.amazon.awscdk.core.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.core.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.core.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CFN_RESOURCE_TYPE_NAME

public static final java.lang.String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnNetworkAclEntry

protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)

CfnNetworkAclEntry

protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnNetworkAclEntry

public CfnNetworkAclEntry(Construct scope,
                          java.lang.String id,
                          CfnNetworkAclEntryProps props)

Create a new `AWS::EC2::NetworkAclEntry`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

public void inspect(TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrId

public java.lang.String getAttrId()

The ID of the network ACL entry.

getCfnProperties

protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getNetworkAclId

public java.lang.String getNetworkAclId()

The ID of the ACL for the entry.

setNetworkAclId

public void setNetworkAclId(java.lang.String value)

The ID of the ACL for the entry.

getProtocol

public java.lang.Number getProtocol()

The IP protocol that the rule applies to.

You must specify -1 or a protocol number. You can specify -1 for all protocols.

If you specify -1, all ports are opened and the PortRange property is ignored.

setProtocol

public void setProtocol(java.lang.Number value)

The IP protocol that the rule applies to.

You must specify -1 or a protocol number. You can specify -1 for all protocols.

If you specify -1, all ports are opened and the PortRange property is ignored.

getRuleAction

public java.lang.String getRuleAction()

Whether to allow or deny traffic that matches the rule;

valid values are "allow" or "deny".

setRuleAction

public void setRuleAction(java.lang.String value)

Whether to allow or deny traffic that matches the rule;

valid values are "allow" or "deny".

getRuleNumber

public java.lang.Number getRuleNumber()

Rule number to assign to the entry, such as 100.

ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

setRuleNumber

public void setRuleNumber(java.lang.Number value)

Rule number to assign to the entry, such as 100.

ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

getCidrBlock

public java.lang.String getCidrBlock()

The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.

setCidrBlock

public void setCidrBlock(java.lang.String value)

The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.

getEgress

public java.lang.Object getEgress()

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

setEgress

public void setEgress(java.lang.Boolean value)

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

setEgress

public void setEgress(IResolvable value)

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

getIcmp

public java.lang.Object getIcmp()

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

setIcmp

public void setIcmp(IResolvable value)

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

setIcmp

public void setIcmp(CfnNetworkAclEntry.IcmpProperty value)

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

getIpv6CidrBlock

public java.lang.String getIpv6CidrBlock()

The IPv6 network range to allow or deny, in CIDR notation.

Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

setIpv6CidrBlock

public void setIpv6CidrBlock(java.lang.String value)

The IPv6 network range to allow or deny, in CIDR notation.

Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

getPortRange

public java.lang.Object getPortRange()

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

setPortRange

public void setPortRange(IResolvable value)

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

setPortRange

public void setPortRange(CfnNetworkAclEntry.PortRangeProperty value)

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.