Interface CfnRuleGroup.MatchAttributesProperty
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnRuleGroup.MatchAttributesProperty.Jsii$Proxy
- Enclosing class:
CfnRuleGroup
Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.networkfirewall.*; MatchAttributesProperty matchAttributesProperty = MatchAttributesProperty.builder() .destinationPorts(List.of(PortRangeProperty.builder() .fromPort(123) .toPort(123) .build())) .destinations(List.of(AddressProperty.builder() .addressDefinition("addressDefinition") .build())) .protocols(List.of(123)) .sourcePorts(List.of(PortRangeProperty.builder() .fromPort(123) .toPort(123) .build())) .sources(List.of(AddressProperty.builder() .addressDefinition("addressDefinition") .build())) .tcpFlags(List.of(TCPFlagFieldProperty.builder() .flags(List.of("flags")) // the properties below are optional .masks(List.of("masks")) .build())) .build();
- See Also:
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forCfnRuleGroup.MatchAttributesProperty
static final class
An implementation forCfnRuleGroup.MatchAttributesProperty
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
default Object
The destination ports to inspect for.default Object
The destination IP addresses and address ranges to inspect for, in CIDR notation.default Object
The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA).default Object
The source ports to inspect for.default Object
The source IP addresses and address ranges to inspect for, in CIDR notation.default Object
The TCP flags and masks to inspect for.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getDestinationPorts
The destination ports to inspect for.If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
You can specify individual ports, for example
1994
and you can specify port ranges, for example1990:1994
.- See Also:
-
getDestinations
The destination IP addresses and address ranges to inspect for, in CIDR notation.If not specified, this matches with any destination address.
- See Also:
-
getProtocols
The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA).If not specified, this matches with any protocol.
- See Also:
-
getSourcePorts
The source ports to inspect for.If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
You can specify individual ports, for example
1994
and you can specify port ranges, for example1990:1994
.- See Also:
-
getSources
The source IP addresses and address ranges to inspect for, in CIDR notation.If not specified, this matches with any source address.
- See Also:
-
getTcpFlags
The TCP flags and masks to inspect for.If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).
- See Also:
-
builder
-