Class | AWS::EC2::NetworkACL |
In: |
lib/aws/ec2/network_acl.rb
lib/aws/ec2/network_acl/entry.rb
lib/aws/ec2/network_acl/association.rb |
Parent: | Resource |
Represents a network ACL in EC2.
@attr_reader [String] vpc_id
@attr_reader [Boolean] default Returns true if this is the default
network ACL.
network_acl_id | -> | id |
default | -> | default? |
network_acl_id | [R] | @return [String] |
@return [Array<NetworkACL::Association>] Returns an array of
{NetworkACL::Association} objects (association to subnets).
Adds an entry to this network ACL.
@param [Hash] options
@option options [required,Integer] :rule_number Rule number to
assign to the entry (e.g., 100). ACL entries are processed in ascending order by rule number.
@option options [required,:allow,:deny] :action Whether to
allow or deny traffic that matches the rule.
@option options [required,Integer] :protocol IP protocol the rule
applies to. You can use -1 to mean all protocols. You can see a list of supported protocol numbers here: http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml
@option options [required,String] :cidr_block The CIDR range to
allow or deny, in CIDR notation (e.g., 172.16.0.0/24).
@option options [Boolean] :egress (false)
Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).
@option options [Range<Integer>] :port_range A numeric range
of ports. Required if specifying TCP (6) or UDP (17) for the :protocol.
@option options [Integer] :icmp_code For the ICMP protocol, the
ICMP code. You can use -1 to specify all ICMP codes for the given ICMP type.
@option options [Integer] :icmp_type For the ICMP protocol,
the ICMP type. You can use -1 to specify all ICMP types.
@return [nil]
Deletes an entry from this network ACL. To delete an entry you need to know its rule number and whether it is an egress or ingress rule.
  # delete ingress rule 10
  network_acl.delete_entry :ingress, 10
  # delete egress rule 5
  network_acl.delete_entry :egress, 5
@param [:ingress,:egress] egress_or_ingress Specifies if you want to
delete an ingress or an egress rule.
@param [Integer] rule_number Which rule to delete.
@return [nil]
Replaces the network ACL entry with the given :rule_number.
@param [Hash] options
@option options [required,Integer] :rule_number Rule number to
assign to the entry (e.g., 100). ACL entries are processed in ascending order by rule number.
@option options [required,:allow,:deny] :action Whether to
allow or deny traffic that matches the rule.
@option options [required,Integer] :protocol IP protocol the rule
applies to. You can use -1 to mean all protocols. You can see a list of supported protocol numbers here: http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml
@option options [required,String] :cidr_block The CIDR range to
allow or deny, in CIDR notation (e.g., 172.16.0.0/24).
@option options [Boolean] :egress (false)
Whether this rule applies to egress traffic from the subnet (true) or ingress traffic to the subnet (false).
@option options [Range<Integer>] :port_range A numeric range
of ports. Required if specifying TCP (6) or UDP (17) for the :protocol.
@option options [Integer] :icmp_code For the ICMP protocol, the
ICMP code. You can use -1 to specify all ICMP codes for the given ICMP type.
@option options [Integer] :icmp_type For the ICMP protocol,
the ICMP type. You can use -1 to specify all ICMP types.
@return [nil]
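The ascending rule-number ordering and the :port_range requirement described in the option lists for adding and replacing an entry, shown as an added example (not code from the SDK) that runs locally without calling EC2. The helper names and the sample entries are assumptions constructed here; ICMP type/code matching is left out, and the evaluation relies on EC2 applying the lowest-numbered matching entry and denying traffic that matches none.

```ruby
require 'ipaddr'

# Constructed sample entries, using the option keys documented above.
ENTRIES = [
  { rule_number: 200, action: :deny,  protocol: 6,  cidr_block: '0.0.0.0/0',     port_range: 22..22 },
  { rule_number: 100, action: :allow, protocol: 6,  cidr_block: '172.16.0.0/24', port_range: 22..22 },
  { rule_number: 300, action: :allow, protocol: -1, cidr_block: '0.0.0.0/0',     egress: true }
].freeze

# Hypothetical helper: lists violations of the documented option constraints.
def entry_problems(opts)
  problems = %i[rule_number action protocol cidr_block]
             .reject { |k| opts.key?(k) }.map { |k| "missing #{k}" }
  if opts.key?(:action) && !%i[allow deny].include?(opts[:action])
    problems << 'action must be :allow or :deny'
  end
  if [6, 17].include?(opts[:protocol]) && !opts[:port_range].is_a?(Range)
    problems << 'port_range is required for TCP (6) and UDP (17)'
  end
  problems
end

# Hypothetical helper: returns [action, rule_number] for one packet.
# remote_ip is the source for ingress and the destination for egress.
def decide(entries, egress:, protocol:, remote_ip:, port: nil)
  addr = IPAddr.new(remote_ip)
  ordered = entries.select { |e| (e[:egress] || false) == egress }
                   .sort_by { |e| e[:rule_number] }
  ordered.each do |e|
    next unless [-1, protocol].include?(e[:protocol])
    next unless IPAddr.new(e[:cidr_block]).include?(addr)
    next if e[:port_range] && !(port && e[:port_range].cover?(port))
    return [e[:action], e[:rule_number]] # lowest-numbered match wins
  end
  [:deny, nil] # no entry matched: traffic is denied
end

if __FILE__ == $PROGRAM_NAME
  ENTRIES.each { |e| puts "rule #{e[:rule_number]}: #{entry_problems(e).inspect}" }
  p decide(ENTRIES, egress: false, protocol: 6, remote_ip: '172.16.0.5', port: 22)
  p decide(ENTRIES, egress: false, protocol: 6, remote_ip: '10.0.0.1', port: 22)
end
```

Rule 100 is listed after rule 200 in the sample but is evaluated first, so SSH from 172.16.0.0/24 is allowed while the broader deny at 200 catches every other source.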