Class CfnNetworkAclEntryProps
Properties for defining a CfnNetworkAclEntry.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnNetworkAclEntryProps : ICfnNetworkAclEntryPropsSyntax (vb)
Public Class CfnNetworkAclEntryProps Implements ICfnNetworkAclEntryPropsRemarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EC2;
var cfnNetworkAclEntryProps = new CfnNetworkAclEntryProps {
NetworkAclId = "networkAclId",
Protocol = 123,
RuleAction = "ruleAction",
RuleNumber = 123,
// the properties below are optional
CidrBlock = "cidrBlock",
Egress = false,
Icmp = new IcmpProperty {
Code = 123,
Type = 123
},
Ipv6CidrBlock = "ipv6CidrBlock",
PortRange = new PortRangeProperty {
From = 123,
To = 123
}
};Synopsis
Constructors
| CfnNetworkAclEntryProps() | Properties for defining a |
Properties
| CidrBlock | The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block. |
| Egress | Whether this rule applies to egress traffic from the subnet ( |
| Icmp | The Internet Control Message Protocol (ICMP) code and type. |
| Ipv6CidrBlock | The IPv6 network range to allow or deny, in CIDR notation. |
| NetworkAclId | The ID of the ACL for the entry. |
| PortRange | The range of port numbers for the UDP/TCP protocol. |
| Protocol | The IP protocol that the rule applies to. |
| RuleAction | Whether to allow or deny traffic that matches the rule; |
| RuleNumber | Rule number to assign to the entry, such as 100. |
Constructors
CfnNetworkAclEntryProps()
Properties for defining a CfnNetworkAclEntry.
public CfnNetworkAclEntryProps()Remarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EC2;
var cfnNetworkAclEntryProps = new CfnNetworkAclEntryProps {
NetworkAclId = "networkAclId",
Protocol = 123,
RuleAction = "ruleAction",
RuleNumber = 123,
// the properties below are optional
CidrBlock = "cidrBlock",
Egress = false,
Icmp = new IcmpProperty {
Code = 123,
Type = 123
},
Ipv6CidrBlock = "ipv6CidrBlock",
PortRange = new PortRangeProperty {
From = 123,
To = 123
}
};Properties
CidrBlock
The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.
public string? CidrBlock { get; set; }Property Value
Remarks
Egress
Whether this rule applies to egress traffic from the subnet ( true ) or ingress traffic to the subnet ( false ).
public object? Egress { get; set; }Property Value
Remarks
By default, AWS CloudFormation specifies false .
Type union: either bool or IResolvable
Icmp
The Internet Control Message Protocol (ICMP) code and type.
public object? Icmp { get; set; }Property Value
Remarks
Required if specifying 1 (ICMP) for the protocol parameter.
Type union: either IResolvable or CfnNetworkAclEntry.IIcmpProperty
Ipv6CidrBlock
The IPv6 network range to allow or deny, in CIDR notation.
public string? Ipv6CidrBlock { get; set; }Property Value
Remarks
You must specify an IPv4 CIDR block or an IPv6 CIDR block.
NetworkAclId
The ID of the ACL for the entry.
public string NetworkAclId { get; set; }Property Value
Remarks
PortRange
The range of port numbers for the UDP/TCP protocol.
public object? PortRange { get; set; }Property Value
Remarks
Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
Type union: either IResolvable or CfnNetworkAclEntry.IPortRangeProperty
Protocol
The IP protocol that the rule applies to.
public double Protocol { get; set; }Property Value
Remarks
You must specify -1 or a protocol number. You can specify -1 for all protocols.
If you specify -1, all ports are opened and the <code>PortRange</code> property is ignored.
RuleAction
Whether to allow or deny traffic that matches the rule;
public string RuleAction { get; set; }Property Value
Remarks
valid values are "allow" or "deny".
RuleNumber
Rule number to assign to the entry, such as 100.
public double RuleNumber { get; set; }Property Value
Remarks
ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.