Interface ICfnNetworkAclEntryProps
Properties for defining a CfnNetworkAclEntry.
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnNetworkAclEntryProps
Syntax (vb)
Public Interface ICfnNetworkAclEntryProps
Remarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EC2;

var cfnNetworkAclEntryProps = new CfnNetworkAclEntryProps {
    NetworkAclId = "networkAclId",
    Protocol = 123,
    RuleAction = "ruleAction",
    RuleNumber = 123,

    // the properties below are optional
    CidrBlock = "cidrBlock",
    Egress = false,
    // IcmpProperty and PortRangeProperty are nested types of CfnNetworkAclEntry
    Icmp = new CfnNetworkAclEntry.IcmpProperty {
        Code = 123,
        Type = 123
    },
    Ipv6CidrBlock = "ipv6CidrBlock",
    PortRange = new CfnNetworkAclEntry.PortRangeProperty {
        From = 123,
        To = 123
    }
};
Synopsis
Properties
CidrBlock | The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block. |
Egress | Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false). |
Icmp | The Internet Control Message Protocol (ICMP) code and type. |
Ipv6CidrBlock | The IPv6 network range to allow or deny, in CIDR notation. |
NetworkAclId | The ID of the ACL for the entry. |
PortRange | The range of port numbers for the UDP/TCP protocol. |
Protocol | The IP protocol that the rule applies to. |
RuleAction | Whether to allow or deny traffic that matches the rule; |
RuleNumber | Rule number to assign to the entry, such as 100. |
Properties
CidrBlock
The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.
virtual string CidrBlock { get; }
Property Value
System.
Egress
Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).
virtual object Egress { get; }
Property Value
System.
Remarks
By default, AWS CloudFormation specifies false.
Icmp
The Internet Control Message Protocol (ICMP) code and type.
virtual object Icmp { get; }
Property Value
System.
Remarks
Required if specifying 1 (ICMP) for the protocol parameter.
Ipv6CidrBlock
The IPv6 network range to allow or deny, in CIDR notation.
virtual string Ipv6CidrBlock { get; }
Property Value
System.
Remarks
You must specify an IPv4 CIDR block or an IPv6 CIDR block.
NetworkAclId
The ID of the ACL for the entry.
string NetworkAclId { get; }
Property Value
System.
PortRange
The range of port numbers for the UDP/TCP protocol.
virtual object PortRange { get; }
Property Value
System.
Remarks
Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.
Protocol
The IP protocol that the rule applies to.
double Protocol { get; }
Property Value
System.
Remarks
You must specify -1 or a protocol number. You can specify -1 for all protocols.
If you specify -1, all ports are opened and the PortRange property is ignored.
RuleAction
Whether to allow or deny traffic that matches the rule;
string RuleAction { get; }
Property Value
System.
Remarks
valid values are "allow" or "deny".
RuleNumber
Rule number to assign to the entry, such as 100.
double RuleNumber { get; }
Property Value
System.
Remarks
ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.
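The following is an added example, not part of the generated reference or the CDK project's own code. It applies the constraints from the remarks above to one network ACL: PortRange for TCP, Icmp for ICMP, no PortRange with protocol -1, ascending rule evaluation, and a rule number reused across ingress and egress. The stack name, logical IDs, CIDR ranges and the Add helper are assumptions chosen for illustration.

```csharp
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Constructs;

// Hypothetical stack: the class name, logical IDs and CIDR ranges are illustrative.
public class WebSubnetAclStack : Stack
{
    public WebSubnetAclStack(Construct scope, string id, string vpcId) : base(scope, id)
    {
        var acl = new CfnNetworkAcl(this, "WebAcl", new CfnNetworkAclProps { VpcId = vpcId });

        // Ingress. Entries are processed in ascending RuleNumber order, so the
        // deny at 90 is evaluated before the allow at 100.
        // Protocol -1 covers all protocols; PortRange would be ignored, so none is given.
        Add(acl, "DenyBlockedRangeIn", 90, "deny", false, -1, "198.51.100.0/24");
        // Protocol 6 (TCP) requires PortRange.
        Add(acl, "AllowHttpsIn", 100, "allow", false, 6, "0.0.0.0/0", ports: (443, 443));
        // Protocol 1 (ICMP) requires Icmp; type 8, code 0 is an echo request.
        Add(acl, "AllowPingFromVpcIn", 110, "allow", false, 1, "10.0.0.0/16", icmp: (8, 0));

        // Egress. Rule numbers 100 and 110 can be reused because the direction differs.
        // Network ACLs are stateless, so return traffic needs its own rules.
        Add(acl, "AllowRepliesOut", 100, "allow", true, 6, "0.0.0.0/0", ports: (1024, 65535));
        // ICMP type 0, code 0 is an echo reply.
        Add(acl, "AllowPingReplyOut", 110, "allow", true, 1, "10.0.0.0/16", icmp: (0, 0));
    }

    // Helper (not part of the CDK API) that maps arguments onto CfnNetworkAclEntryProps.
    private void Add(CfnNetworkAcl acl, string id, int ruleNumber, string action, bool egress,
        int protocol, string cidr, (int From, int To)? ports = null, (int Type, int Code)? icmp = null)
    {
        new CfnNetworkAclEntry(this, id, new CfnNetworkAclEntryProps
        {
            NetworkAclId = acl.Ref,
            RuleNumber = ruleNumber,
            RuleAction = action,
            Egress = egress,
            Protocol = protocol,
            CidrBlock = cidr,
            // Null optional properties are left out of the synthesized template.
            PortRange = ports is null ? null
                : new CfnNetworkAclEntry.PortRangeProperty { From = ports.Value.From, To = ports.Value.To },
            Icmp = icmp is null ? null
                : new CfnNetworkAclEntry.IcmpProperty { Type = icmp.Value.Type, Code = icmp.Value.Code }
        });
    }
}
```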