Class NetworkAclRule

Creates an entry (a rule) in a network ACL with the specified rule number.

NOTE on Network ACLs and Network ACL Rules: This provider currently provides both a standalone Network ACL Rule resource and a Network ACL resource with rules defined in-line. At this time you cannot use a Network ACL with in-line rules in conjunction with any Network ACL Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

Example Usage

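using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        // VPC the network ACL belongs to (sample CIDR block).
        var foo = new Aws.Ec2.Vpc("foo", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });
        // Network ACL with no in-line rules; rules are attached as separate resources.
        var barNetworkAcl = new Aws.Ec2.NetworkAcl("barNetworkAcl", new Aws.Ec2.NetworkAclArgs
        {
            VpcId = foo.Id,
        });
        // Ingress rule 200: allow SSH (TCP 22) from addresses inside the VPC.
        var barNetworkAclRule = new Aws.Ec2.NetworkAclRule("barNetworkAclRule", new Aws.Ec2.NetworkAclRuleArgs
        {
            NetworkAclId = barNetworkAcl.Id,
            RuleNumber = 200,
            Egress = false,
            Protocol = "tcp",
            RuleAction = "allow",
            CidrBlock = foo.CidrBlock,
            FromPort = 22,
            ToPort = 22,
        });
    }
}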
Inheritance
System.Object
Resource
CustomResource
NetworkAclRule
Inherited Members
CustomResource.Id
Resource.GetResourceType()
Resource.GetResourceName()
Resource.Urn
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Aws.Ec2
Assembly: Pulumi.Aws.dll
Syntax
public class NetworkAclRule : CustomResource

Constructors

NetworkAclRule(String, NetworkAclRuleArgs, CustomResourceOptions)

Create a NetworkAclRule resource with the given unique name, arguments, and options.

Declaration
public NetworkAclRule(string name, NetworkAclRuleArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource

NetworkAclRuleArgs args

The arguments used to populate this resource's properties

CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

CidrBlock

The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).

Declaration
public Output<string> CidrBlock { get; }
Property Value
Type Description
Output<System.String>

Egress

Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default false.

Declaration
public Output<bool?> Egress { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>

FromPort

The from port to match.

Declaration
public Output<int?> FromPort { get; }
Property Value
Type Description
Output<System.Nullable<System.Int32>>

IcmpCode

ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1

Declaration
public Output<string> IcmpCode { get; }
Property Value
Type Description
Output<System.String>

IcmpType

ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1

Declaration
public Output<string> IcmpType { get; }
Property Value
Type Description
Output<System.String>

Ipv6CidrBlock

The IPv6 CIDR block to allow or deny.

Declaration
public Output<string> Ipv6CidrBlock { get; }
Property Value
Type Description
Output<System.String>

NetworkAclId

The ID of the network ACL.

Declaration
public Output<string> NetworkAclId { get; }
Property Value
Type Description
Output<System.String>

Protocol

The protocol. A value of -1 means all protocols.

Declaration
public Output<string> Protocol { get; }
Property Value
Type Description
Output<System.String>

RuleAction

Indicates whether to allow or deny the traffic that matches the rule. Accepted values: allow | deny

Declaration
public Output<string> RuleAction { get; }
Property Value
Type Description
Output<System.String>

RuleNumber

The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.

Declaration
public Output<int> RuleNumber { get; }
Property Value
Type Description
Output<System.Int32>

ToPort

The to port to match.

Declaration
public Output<int?> ToPort { get; }
Property Value
Type Description
Output<System.Nullable<System.Int32>>
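
The properties above combine as follows in a small rule set, shown as an added example that is not part of the Pulumi documentation. Resource names and CIDR ranges are constructed; the example relies on two AWS behaviours: the first matching rule in ascending RuleNumber order decides, and network ACLs are stateless, so reply traffic needs its own egress rule.

```csharp
using Pulumi;
using Aws = Pulumi.Aws;

class OrderedAclStack : Stack
{
    public OrderedAclStack()
    {
        // Constructed sample network; names and CIDR ranges are assumptions.
        var vpc = new Aws.Ec2.Vpc("exampleVpc", new Aws.Ec2.VpcArgs { CidrBlock = "10.0.0.0/16" });

        // No in-line rules on the ACL itself: mixing them with NetworkAclRule
        // resources causes the two to overwrite each other.
        var acl = new Aws.Ec2.NetworkAcl("exampleAcl", new Aws.Ec2.NetworkAclArgs { VpcId = vpc.Id });

        // Ingress 100 is evaluated first: SSH from one (constructed) range is denied.
        var denySsh = new Aws.Ec2.NetworkAclRule("denySshFromGuestRange", new Aws.Ec2.NetworkAclRuleArgs
        {
            NetworkAclId = acl.Id,
            RuleNumber = 100,
            Egress = false,
            Protocol = "tcp",
            RuleAction = "deny",
            CidrBlock = "10.0.50.0/24",
            FromPort = 22,
            ToPort = 22,
        });

        // Ingress 200 is reached only by traffic that rule 100 did not match:
        // SSH from the rest of the VPC is allowed. Swapping the two rule
        // numbers would make the deny unreachable.
        var allowSsh = new Aws.Ec2.NetworkAclRule("allowSshFromVpc", new Aws.Ec2.NetworkAclRuleArgs
        {
            NetworkAclId = acl.Id,
            RuleNumber = 200,
            Egress = false,
            Protocol = "tcp",
            RuleAction = "allow",
            CidrBlock = vpc.CidrBlock,
            FromPort = 22,
            ToPort = 22,
        });

        // Egress rules are numbered separately from ingress rules. Replies to
        // SSH clients leave toward ephemeral destination ports, so they need
        // an explicit egress allow.
        var allowReplies = new Aws.Ec2.NetworkAclRule("allowRepliesToVpc", new Aws.Ec2.NetworkAclRuleArgs
        {
            NetworkAclId = acl.Id,
            RuleNumber = 100,
            Egress = true,
            Protocol = "tcp",
            RuleAction = "allow",
            CidrBlock = vpc.CidrBlock,
            FromPort = 1024,
            ToPort = 65535,
        });
    }
}
```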

Methods

Get(String, Input<String>, NetworkAclRuleState, CustomResourceOptions)

Get an existing NetworkAclRule resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static NetworkAclRule Get(string name, Input<string> id, NetworkAclRuleState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.

Input<System.String> id

The unique provider ID of the resource to look up.

NetworkAclRuleState state

Any extra arguments used during the lookup.

CustomResourceOptions options

A bag of options that control this resource's behavior

Returns
Type Description
NetworkAclRule
Copyright 2016-2020, Pulumi Corporation.