AwsEc2NetworkAclEntry - Amazon Security Hub

AwsEc2NetworkAclEntry

A rule for the network ACL. Each rule allows or denies access based on the IP address, traffic direction, port, and protocol.

Contents

CidrBlock

The IPv4 network range for which to deny or allow access.

Type: String

Pattern: .*\S.*

Required: No

Egress

Whether the rule is an egress rule. An egress rule is a rule that applies to traffic that leaves the subnet.

Type: Boolean

Required: No

IcmpTypeCode

The Internet Control Message Protocol (ICMP) type and code for which to deny or allow access.

Type: IcmpTypeCode object

Required: No

Ipv6CidrBlock

The IPv6 network range for which to deny or allow access.

Type: String

Pattern: .*\S.*

Required: No

PortRange

For TCP or UDP protocols, the range of ports that the rule applies to.

Type: PortRangeFromTo object

Required: No

Protocol

The protocol that the rule applies to. To deny or allow access to all protocols, use the value -1.

Type: String

Pattern: .*\S.*

Required: No

RuleAction

Whether the rule is used to allow access or deny access.

Type: String

Pattern: .*\S.*

Required: No

RuleNumber

The rule number. The rules are processed in order by their number.

Type: Integer

Required: No
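
The fields above combine into a first-match evaluation: entries for one direction are tried in ascending RuleNumber order and the first one whose protocol, CIDR and port range match decides the outcome. The following is an added example, not code from the AWS documentation, that applies this to a list of AwsEc2NetworkAclEntry objects as they would appear in a finding. Assumptions: RuleAction holds "allow" or "deny", Protocol holds "-1" or an IANA protocol number as a string ("6" for TCP, "17" for UDP), PortRange carries From and To keys, and traffic matching no entry is treated as not allowed.

```python
import ipaddress

def _cidr_matches(entry, addr):
    """True if addr is inside the entry's CidrBlock or Ipv6CidrBlock."""
    for key in ("CidrBlock", "Ipv6CidrBlock"):
        cidr = entry.get(key)
        if cidr:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.version == addr.version and addr in net:
                return True
    return False

def _port_matches(entry, port):
    """PortRange only constrains TCP ("6") and UDP ("17") rules."""
    rng = entry.get("PortRange")
    if entry.get("Protocol") not in ("6", "17") or not rng:
        return True
    return port is not None and rng["From"] <= port <= rng["To"]

def first_match(entries, *, egress, ip, protocol, port=None):
    """Return the lowest-numbered entry that matches the packet, else None."""
    addr = ipaddress.ip_address(ip)
    # Every field is optional in the schema: skip entries with no RuleNumber.
    usable = [e for e in entries
              if "RuleNumber" in e and bool(e.get("Egress")) == egress]
    for entry in sorted(usable, key=lambda e: e["RuleNumber"]):
        if entry.get("Protocol") not in ("-1", protocol):
            continue
        if _cidr_matches(entry, addr) and _port_matches(entry, port):
            return entry
    return None

def is_allowed(entries, **packet):
    """Assumption: RuleAction is "allow"/"deny"; no match means not allowed."""
    hit = first_match(entries, **packet)
    return hit is not None and str(hit.get("RuleAction", "")).lower() == "allow"

# Constructed sample entries (not taken from a real finding).
SAMPLE = [
    {"RuleNumber": 200, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}},
    {"RuleNumber": 100, "Egress": False, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "203.0.113.0/24"},
    {"RuleNumber": 300, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "Ipv6CidrBlock": "2001:db8::/32", "PortRange": {"From": 443, "To": 443}},
    {"Egress": False, "Protocol": "-1", "RuleAction": "allow"},  # no RuleNumber
]

if __name__ == "__main__":
    for ip in ("198.51.100.7", "203.0.113.9"):
        print(ip, is_allowed(SAMPLE, egress=False, ip=ip, protocol="6", port=22))
```

In the sample, the deny at rule 100 shadows the broader SSH allow at rule 200 for 203.0.113.0/24 only, which is the kind of ordering effect worth checking before flagging an allow entry as exposed.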

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: