Class: AWSCDK::EC2::CfnSecurityGroupEgressProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
ec2/cfn_security_group_egress_props.rb

Overview

Properties for defining a CfnSecurityGroupEgress.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(group_id:, ip_protocol:, cidr_ip: nil, cidr_ipv6: nil, description: nil, destination_prefix_list_id: nil, destination_security_group_id: nil, from_port: nil, to_port: nil) ⇒ CfnSecurityGroupEgressProps

Returns a new instance of CfnSecurityGroupEgressProps.

Parameters:

  • group_id (String, AWSCDK::Interfaces::AWSEC2::ISecurityGroupRef)

    The ID of the security group.

  • ip_protocol (String)

    The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).

  • cidr_ip (String, nil) (defaults to: nil)

    The IPv4 address range, in CIDR format.

  • cidr_ipv6 (String, nil) (defaults to: nil)

    The IPv6 address range, in CIDR format.

  • description (String, nil) (defaults to: nil)

    The description of an egress (outbound) security group rule.

  • destination_prefix_list_id (String, nil) (defaults to: nil)

    The prefix list IDs for an AWS service.

  • destination_security_group_id (String, AWSCDK::Interfaces::AWSEC2::ISecurityGroupRef, nil) (defaults to: nil)

    The ID of the security group.

  • from_port (Numeric, nil) (defaults to: nil)

    If the protocol is TCP or UDP, this is the start of the port range.

  • to_port (Numeric, nil) (defaults to: nil)

    If the protocol is TCP or UDP, this is the end of the port range.



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# File 'ec2/cfn_security_group_egress_props.rb', line 18

def initialize(group_id:, ip_protocol:, cidr_ip: nil, cidr_ipv6: nil, description: nil, destination_prefix_list_id: nil, destination_security_group_id: nil, from_port: nil, to_port: nil)
  @group_id = group_id
  Jsii::Type.check_type(@group_id, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19lYzIuSVNlY3VyaXR5R3JvdXBSZWYifV19fQ==")), "groupId")
  @ip_protocol = ip_protocol
  Jsii::Type.check_type(@ip_protocol, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "ipProtocol")
  @cidr_ip = cidr_ip
  Jsii::Type.check_type(@cidr_ip, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "cidrIp") unless @cidr_ip.nil?
  @cidr_ipv6 = cidr_ipv6
  Jsii::Type.check_type(@cidr_ipv6, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "cidrIpv6") unless @cidr_ipv6.nil?
  @description = description
  Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil?
  @destination_prefix_list_id = destination_prefix_list_id
  Jsii::Type.check_type(@destination_prefix_list_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "destinationPrefixListId") unless @destination_prefix_list_id.nil?
  @destination_security_group_id = destination_security_group_id
  Jsii::Type.check_type(@destination_security_group_id, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19lYzIuSVNlY3VyaXR5R3JvdXBSZWYifV19fQ==")), "destinationSecurityGroupId") unless @destination_security_group_id.nil?
  @from_port = from_port
  Jsii::Type.check_type(@from_port, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "fromPort") unless @from_port.nil?
  @to_port = to_port
  Jsii::Type.check_type(@to_port, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "toPort") unless @to_port.nil?
end

Instance Attribute Details

#cidr_ipString? (readonly)

The IPv4 address range, in CIDR format.

You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .

For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the Amazon EC2 User Guide .



61
62
63
# File 'ec2/cfn_security_group_egress_props.rb', line 61

def cidr_ip
  @cidr_ip
end

#cidr_ipv6String? (readonly)

The IPv6 address range, in CIDR format.

You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .

For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the Amazon EC2 User Guide .



70
71
72
# File 'ec2/cfn_security_group_egress_props.rb', line 70

def cidr_ipv6
  @cidr_ipv6
end

#descriptionString? (readonly)

The description of an egress (outbound) security group rule.

Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*



77
78
79
# File 'ec2/cfn_security_group_egress_props.rb', line 77

def description
  @description
end

#destination_prefix_list_idString? (readonly)

The prefix list IDs for an AWS service.

This is the AWS service to access through a VPC endpoint from instances associated with the security group.

You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .



86
87
88
# File 'ec2/cfn_security_group_egress_props.rb', line 86

def destination_prefix_list_id
  @destination_prefix_list_id
end

#destination_security_group_idString, ... (readonly)

The ID of the security group.

You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .



93
94
95
# File 'ec2/cfn_security_group_egress_props.rb', line 93

def destination_security_group_id
  @destination_security_group_id
end

#from_portNumeric? (readonly)

If the protocol is TCP or UDP, this is the start of the port range.

If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).



100
101
102
# File 'ec2/cfn_security_group_egress_props.rb', line 100

def from_port
  @from_port
end

#group_idString, AWSCDK::Interfaces::AWSEC2::ISecurityGroupRef (readonly)

The ID of the security group.

You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.



45
46
47
# File 'ec2/cfn_security_group_egress_props.rb', line 45

def group_id
  @group_id
end

#ip_protocolString (readonly)

The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).

Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.



52
53
54
# File 'ec2/cfn_security_group_egress_props.rb', line 52

def ip_protocol
  @ip_protocol
end

#to_portNumeric? (readonly)

If the protocol is TCP or UDP, this is the end of the port range.

If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).



107
108
109
# File 'ec2/cfn_security_group_egress_props.rb', line 107

def to_port
  @to_port
end

Class Method Details

.jsii_propertiesObject



109
110
111
112
113
114
115
116
117
118
119
120
121
# File 'ec2/cfn_security_group_egress_props.rb', line 109

def self.jsii_properties
  {
    :group_id => "groupId",
    :ip_protocol => "ipProtocol",
    :cidr_ip => "cidrIp",
    :cidr_ipv6 => "cidrIpv6",
    :description => "description",
    :destination_prefix_list_id => "destinationPrefixListId",
    :destination_security_group_id => "destinationSecurityGroupId",
    :from_port => "fromPort",
    :to_port => "toPort",
  }
end

Instance Method Details

#to_jsiiObject



123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# File 'ec2/cfn_security_group_egress_props.rb', line 123

def to_jsii
  result = {}
  result.merge!({
    "groupId" => @group_id,
    "ipProtocol" => @ip_protocol,
    "cidrIp" => @cidr_ip,
    "cidrIpv6" => @cidr_ipv6,
    "description" => @description,
    "destinationPrefixListId" => @destination_prefix_list_id,
    "destinationSecurityGroupId" => @destination_security_group_id,
    "fromPort" => @from_port,
    "toPort" => @to_port,
  })
  result.compact
end