software.amazon.awscdk.services.ec2

Class CfnNetworkAclEntry

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.CfnElement

software.amazon.awscdk.CfnRefElement

software.amazon.awscdk.CfnResource

software.amazon.awscdk.services.ec2.CfnNetworkAclEntry

All Implemented Interfaces:

IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)",
           date="2022-09-19T20:26:38.253Z")
 @Stability(value=Stable)
public class CfnNetworkAclEntry
extends CfnResource
implements IInspectable

A CloudFormation `AWS::EC2::NetworkAclEntry`.

Specifies an entry, known as a rule, in a network ACL with a rule number you specify. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules.

For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnNetworkAclEntry cfnNetworkAclEntry = CfnNetworkAclEntry.Builder.create(this, "MyCfnNetworkAclEntry")
         .networkAclId("networkAclId")
         .protocol(123)
         .ruleAction("ruleAction")
         .ruleNumber(123)
         // the properties below are optional
         .cidrBlock("cidrBlock")
         .egress(false)
         .icmp(IcmpProperty.builder()
                 .code(123)
                 .type(123)
                 .build())
         .ipv6CidrBlock("ipv6CidrBlock")
         .portRange(PortRangeProperty.builder()
                 .from(123)
                 .to(123)
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnNetworkAclEntry.Builder A fluent builder for CfnNetworkAclEntry.
static interface	CfnNetworkAclEntry.IcmpProperty Describes the ICMP type and code.
static interface	CfnNetworkAclEntry.PortRangeProperty Describes a range of ports.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnNetworkAclEntry(software.constructs.Construct scope, String id, CfnNetworkAclEntryProps props) Create a new `AWS::EC2::NetworkAclEntry`.
protected	CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
String	getAttrId() The ID of the network ACL entry.
protected Map<String,Object>	getCfnProperties()
String	getCidrBlock() The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24).
Object	getEgress() Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
Object	getIcmp() The Internet Control Message Protocol (ICMP) code and type.
String	getIpv6CidrBlock() The IPv6 network range to allow or deny, in CIDR notation.
String	getNetworkAclId() The ID of the ACL for the entry.
Object	getPortRange() The range of port numbers for the UDP/TCP protocol.
Number	getProtocol() The IP protocol that the rule applies to.
String	getRuleAction() Whether to allow or deny traffic that matches the rule;
Number	getRuleNumber() Rule number to assign to the entry, such as 100.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected Map<String,Object>	renderProperties(Map<String,Object> props)
void	setCidrBlock(String value) The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24).
void	setEgress(Boolean value) Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
void	setEgress(IResolvable value) Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).
void	setIcmp(CfnNetworkAclEntry.IcmpProperty value) The Internet Control Message Protocol (ICMP) code and type.
void	setIcmp(IResolvable value) The Internet Control Message Protocol (ICMP) code and type.
void	setIpv6CidrBlock(String value) The IPv6 network range to allow or deny, in CIDR notation.
void	setNetworkAclId(String value) The ID of the ACL for the entry.
void	setPortRange(CfnNetworkAclEntry.PortRangeProperty value) The range of port numbers for the UDP/TCP protocol.
void	setPortRange(IResolvable value) The range of port numbers for the UDP/TCP protocol.
void	setProtocol(Number value) The IP protocol that the rule applies to.
void	setRuleAction(String value) Whether to allow or deny traffic that matches the rule;
void	setRuleNumber(Number value) Rule number to assign to the entry, such as 100.

Methods inherited from class software.amazon.awscdk.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.constructs.Construct

getNode, isConstruct

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Detail

CFN_RESOURCE_TYPE_NAME

@Stability(value=Stable)
public static final String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnNetworkAclEntry

protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObjectRef objRef)

CfnNetworkAclEntry

protected CfnNetworkAclEntry(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnNetworkAclEntry

@Stability(value=Stable)
public CfnNetworkAclEntry(@NotNull
                                                   software.constructs.Construct scope,
                                                   @NotNull
                                                   String id,
                                                   @NotNull
                                                   CfnNetworkAclEntryProps props)

Create a new `AWS::EC2::NetworkAclEntry`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

@Stability(value=Stable)
public void inspect(@NotNull
                                             TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> renderProperties(@NotNull
                                                                                 Map<String,Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrId

@Stability(value=Stable)
 @NotNull
public String getAttrId()

The ID of the network ACL entry.

getCfnProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getNetworkAclId

@Stability(value=Stable)
 @NotNull
public String getNetworkAclId()

The ID of the ACL for the entry.

setNetworkAclId

@Stability(value=Stable)
public void setNetworkAclId(@NotNull
                                                     String value)

The ID of the ACL for the entry.

getProtocol

@Stability(value=Stable)
 @NotNull
public Number getProtocol()

The IP protocol that the rule applies to.

You must specify -1 or a protocol number. You can specify -1 for all protocols.

If you specify -1, all ports are opened and the PortRange property is ignored.

setProtocol

@Stability(value=Stable)
public void setProtocol(@NotNull
                                                 Number value)

The IP protocol that the rule applies to.

You must specify -1 or a protocol number. You can specify -1 for all protocols.

If you specify -1, all ports are opened and the PortRange property is ignored.

getRuleAction

@Stability(value=Stable)
 @NotNull
public String getRuleAction()

Whether to allow or deny traffic that matches the rule;

valid values are "allow" or "deny".

setRuleAction

@Stability(value=Stable)
public void setRuleAction(@NotNull
                                                   String value)

Whether to allow or deny traffic that matches the rule;

valid values are "allow" or "deny".

getRuleNumber

@Stability(value=Stable)
 @NotNull
public Number getRuleNumber()

Rule number to assign to the entry, such as 100.

ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

setRuleNumber

@Stability(value=Stable)
public void setRuleNumber(@NotNull
                                                   Number value)

Rule number to assign to the entry, such as 100.

ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.

getCidrBlock

@Stability(value=Stable)
 @Nullable
public String getCidrBlock()

The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.

setCidrBlock

@Stability(value=Stable)
public void setCidrBlock(@Nullable
                                                  String value)

The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). Requirement is conditional: You must specify the `CidrBlock` or `Ipv6CidrBlock` property.

getEgress

@Stability(value=Stable)
 @Nullable
public Object getEgress()

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

setEgress

@Stability(value=Stable)
public void setEgress(@Nullable
                                               Boolean value)

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

setEgress

@Stability(value=Stable)
public void setEgress(@Nullable
                                               IResolvable value)

Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ).

By default, AWS CloudFormation specifies false .

getIcmp

@Stability(value=Stable)
 @Nullable
public Object getIcmp()

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

setIcmp

@Stability(value=Stable)
public void setIcmp(@Nullable
                                             CfnNetworkAclEntry.IcmpProperty value)

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

setIcmp

@Stability(value=Stable)
public void setIcmp(@Nullable
                                             IResolvable value)

The Internet Control Message Protocol (ICMP) code and type.

Requirement is conditional: Required if specifying 1 (ICMP) for the protocol parameter.

getIpv6CidrBlock

@Stability(value=Stable)
 @Nullable
public String getIpv6CidrBlock()

The IPv6 network range to allow or deny, in CIDR notation.

Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

setIpv6CidrBlock

@Stability(value=Stable)
public void setIpv6CidrBlock(@Nullable
                                                      String value)

The IPv6 network range to allow or deny, in CIDR notation.

Requirement is conditional: You must specify the CidrBlock or Ipv6CidrBlock property.

getPortRange

@Stability(value=Stable)
 @Nullable
public Object getPortRange()

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

setPortRange

@Stability(value=Stable)
public void setPortRange(@Nullable
                                                  CfnNetworkAclEntry.PortRangeProperty value)

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.

setPortRange

@Stability(value=Stable)
public void setPortRange(@Nullable
                                                  IResolvable value)

The range of port numbers for the UDP/TCP protocol.

Conditional required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.