@Generated(value="jsii-pacmak/1.58.0 (build f8ba112)", date="2022-05-13T01:13:32.471Z") public class CfnNetworkAclEntry extends CfnResource implements IInspectable
Specifies an entry, known as a rule, in a network ACL with a rule number you specify. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules.
For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
Example:
```java
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.ec2.*;

CfnNetworkAclEntry cfnNetworkAclEntry = CfnNetworkAclEntry.Builder.create(this, "MyCfnNetworkAclEntry")
        .networkAclId("networkAclId")
        .protocol(123)
        .ruleAction("ruleAction")
        .ruleNumber(123)
        // the properties below are optional
        .cidrBlock("cidrBlock")
        .egress(false)
        .icmp(IcmpProperty.builder()
                .code(123)
                .type(123)
                .build())
        .ipv6CidrBlock("ipv6CidrBlock")
        .portRange(PortRangeProperty.builder()
                .from(123)
                .to(123)
                .build())
        .build();
```
Modifier and Type | Class and Description |
---|---|
static class | `CfnNetworkAclEntry.Builder`: A fluent builder for `CfnNetworkAclEntry`. |
static interface | `CfnNetworkAclEntry.IcmpProperty`: Describes the ICMP type and code. |
static interface | `CfnNetworkAclEntry.PortRangeProperty`: Describes a range of ports. |
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
IConstruct.Jsii$Default
Modifier and Type | Field and Description |
---|---|
static java.lang.String | `CFN_RESOURCE_TYPE_NAME`: The CloudFormation resource type name for this resource class. |
Modifier | Constructor and Description |
---|---|
public | `CfnNetworkAclEntry(Construct scope, java.lang.String id, CfnNetworkAclEntryProps props)`: Create a new `AWS::EC2::NetworkAclEntry`. |
protected | `CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)` |
protected | `CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)` |
Modifier and Type | Method and Description |
---|---|
java.lang.String | `getAttrId()`: The ID of the network ACL entry. |
`protected java.util.Map<java.lang.String,java.lang.Object>` | `getCfnProperties()` |
java.lang.String | `getCidrBlock()`: The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). |
java.lang.Object | `getEgress()`: Whether this rule applies to egress traffic from the subnet (`true`) or ingress traffic to the subnet (`false`). |
java.lang.Object | `getIcmp()`: The Internet Control Message Protocol (ICMP) code and type. |
java.lang.String | `getIpv6CidrBlock()`: The IPv6 network range to allow or deny, in CIDR notation. |
java.lang.String | `getNetworkAclId()`: The ID of the ACL for the entry. |
java.lang.Object | `getPortRange()`: The range of port numbers for the UDP/TCP protocol. |
java.lang.Number | `getProtocol()`: The IP protocol that the rule applies to. |
java.lang.String | `getRuleAction()`: Whether to allow or deny traffic that matches the rule. |
java.lang.Number | `getRuleNumber()`: Rule number to assign to the entry, such as 100. |
void | `inspect(TreeInspector inspector)`: Examines the CloudFormation resource and discloses attributes. |
`protected java.util.Map<java.lang.String,java.lang.Object>` | `renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)` |
void | `setCidrBlock(java.lang.String value)`: The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). |
void | `setEgress(java.lang.Boolean value)`: Whether this rule applies to egress traffic from the subnet (`true`) or ingress traffic to the subnet (`false`). |
void | `setEgress(IResolvable value)`: Whether this rule applies to egress traffic from the subnet (`true`) or ingress traffic to the subnet (`false`). |
void | `setIcmp(CfnNetworkAclEntry.IcmpProperty value)`: The Internet Control Message Protocol (ICMP) code and type. |
void | `setIcmp(IResolvable value)`: The Internet Control Message Protocol (ICMP) code and type. |
void | `setIpv6CidrBlock(java.lang.String value)`: The IPv6 network range to allow or deny, in CIDR notation. |
void | `setNetworkAclId(java.lang.String value)`: The ID of the ACL for the entry. |
void | `setPortRange(CfnNetworkAclEntry.PortRangeProperty value)`: The range of port numbers for the UDP/TCP protocol. |
void | `setPortRange(IResolvable value)`: The range of port numbers for the UDP/TCP protocol. |
void | `setProtocol(java.lang.Number value)`: The IP protocol that the rule applies to. |
void | `setRuleAction(java.lang.String value)`: Whether to allow or deny traffic that matches the rule. |
void | `setRuleNumber(java.lang.Number value)`: Rule number to assign to the entry, such as 100. |
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
getRef
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
public static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnNetworkAclEntry(Construct scope, java.lang.String id, CfnNetworkAclEntryProps props)
scope - scope in which this resource is defined. This parameter is required.
id - scoped id of the resource. This parameter is required.
props - resource properties. This parameter is required.
public void inspect(TreeInspector inspector)
inspect in interface IInspectable
inspector - tree inspector to collect and process attributes. This parameter is required.
protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties in class CfnResource
props - This parameter is required.
public java.lang.String getAttrId()
protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties in class CfnResource
public java.lang.String getNetworkAclId()
public void setNetworkAclId(java.lang.String value)
public java.lang.Number getProtocol()
You must specify -1 or a protocol number. You can specify -1 for all protocols.
If you specify -1, all ports are opened and the `PortRange` property is ignored.
public void setProtocol(java.lang.Number value)
You must specify -1 or a protocol number. You can specify -1 for all protocols.
If you specify -1, all ports are opened and the `PortRange` property is ignored.
public java.lang.String getRuleAction()
Valid values are "allow" or "deny".
public void setRuleAction(java.lang.String value)
Valid values are "allow" or "deny".
public java.lang.Number getRuleNumber()
ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.
public void setRuleNumber(java.lang.Number value)
ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.
public java.lang.String getCidrBlock()
public void setCidrBlock(java.lang.String value)
public java.lang.Object getEgress()
By default, AWS CloudFormation specifies `false`.
public void setEgress(java.lang.Boolean value)
By default, AWS CloudFormation specifies `false`.
public void setEgress(IResolvable value)
By default, AWS CloudFormation specifies `false`.
public java.lang.Object getIcmp()
Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.
public void setIcmp(IResolvable value)
Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.
public void setIcmp(CfnNetworkAclEntry.IcmpProperty value)
Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.
public java.lang.String getIpv6CidrBlock()
Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.
public void setIpv6CidrBlock(java.lang.String value)
Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.
public java.lang.Object getPortRange()
Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
public void setPortRange(IResolvable value)
Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
public void setPortRange(CfnNetworkAclEntry.PortRangeProperty value)
Requirement is conditional: Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
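The conditional requirements and rule ordering described above, shown as an added example (not code from the CDK documentation or project). The class `WebSubnetAclRules`, its `apply` method, the construct ids and the CIDR ranges are hypothetical, and the `Construct` import assumes the CDK v1 package layout.

```java
import software.amazon.awscdk.core.Construct; // assumption: CDK v1 package layout
import software.amazon.awscdk.services.ec2.CfnNetworkAclEntry;
import software.amazon.awscdk.services.ec2.CfnNetworkAclEntry.IcmpProperty;
import software.amazon.awscdk.services.ec2.CfnNetworkAclEntry.PortRangeProperty;

/** Hypothetical helper (not part of the CDK): adds a small rule set to an existing network ACL. */
public final class WebSubnetAclRules {
    private WebSubnetAclRules() {}

    public static void apply(Construct scope, String networkAclId) {
        // Ingress 90: evaluated before rule 100 (ascending order), so this deny wins
        // for the constructed range 203.0.113.0/24. Protocol -1 = all protocols; no PortRange.
        CfnNetworkAclEntry.Builder.create(scope, "IngressDenyBlockedRange")
                .networkAclId(networkAclId).egress(false)
                .ruleNumber(90).ruleAction("deny")
                .protocol(-1)
                .cidrBlock("203.0.113.0/24")
                .build();

        // Ingress 100: TCP (6) requires PortRange.
        CfnNetworkAclEntry.Builder.create(scope, "IngressAllowHttps")
                .networkAclId(networkAclId).egress(false)
                .ruleNumber(100).ruleAction("allow")
                .protocol(6)
                .cidrBlock("0.0.0.0/0")
                .portRange(PortRangeProperty.builder().from(443).to(443).build())
                .build();

        // Ingress 110: ICMP (1) requires Icmp; type 8 / code 0 is echo request.
        CfnNetworkAclEntry.Builder.create(scope, "IngressAllowPingFromVpc")
                .networkAclId(networkAclId).egress(false)
                .ruleNumber(110).ruleAction("allow")
                .protocol(1)
                .cidrBlock("10.0.0.0/16") // constructed VPC range
                .icmp(IcmpProperty.builder().type(8).code(0).build())
                .build();

        // Egress 100: reusing the number is allowed because the egress set is
        // numbered separately. Network ACLs are stateless, so replies to HTTPS
        // clients need their own egress rule covering ephemeral ports.
        CfnNetworkAclEntry.Builder.create(scope, "EgressAllowReplies")
                .networkAclId(networkAclId).egress(true)
                .ruleNumber(100).ruleAction("allow")
                .protocol(6)
                .cidrBlock("0.0.0.0/0")
                .portRange(PortRangeProperty.builder().from(1024).to(65535).build())
                .build();
    }
}
```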