Security
Constructors
Properties
The IPv4 address range, in CIDR format. You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId . For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the Amazon EC2 User Guide .
The IPv6 address range, in CIDR format. You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId . For examples of rules that you can add to security groups for specific access scenarios, see Security group rules for different use cases in the Amazon EC2 User Guide .
A description for the security group rule. Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group. You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .
The ID of the destination VPC security group. You must specify exactly one of the following: CidrIp , CidrIpv6 , DestinationPrefixListId , or DestinationSecurityGroupId .
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ). Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.