pulumi-aws-kotlin/com.pulumi.aws.ec2.kotlin/TrafficMirrorFilterRuleArgs

TrafficMirrorFilterRuleArgs

data class TrafficMirrorFilterRuleArgs(val description: Output<String>? = null, val destinationCidrBlock: Output<String>? = null, val destinationPortRange: Output<TrafficMirrorFilterRuleDestinationPortRangeArgs>? = null, val protocol: Output<Int>? = null, val ruleAction: Output<String>? = null, val ruleNumber: Output<Int>? = null, val sourceCidrBlock: Output<String>? = null, val sourcePortRange: Output<TrafficMirrorFilterRuleSourcePortRangeArgs>? = null, val trafficDirection: Output<String>? = null, val trafficMirrorFilterId: Output<String>? = null) : ConvertibleToJava<TrafficMirrorFilterRuleArgs>

Provides an Traffic mirror filter rule. Read limits and considerations for traffic mirroring

Example Usage

To create a basic traffic mirror session

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.TrafficMirrorFilter;
import com.pulumi.aws.ec2.TrafficMirrorFilterArgs;
import com.pulumi.aws.ec2.TrafficMirrorFilterRule;
import com.pulumi.aws.ec2.TrafficMirrorFilterRuleArgs;
import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs;
import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleSourcePortRangeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var filter = new TrafficMirrorFilter("filter", TrafficMirrorFilterArgs.builder()
            .description("traffic mirror filter - example")
            .networkServices("amazon-dns")
            .build());
        var ruleout = new TrafficMirrorFilterRule("ruleout", TrafficMirrorFilterRuleArgs.builder()
            .description("test rule")
            .trafficMirrorFilterId(filter.id())
            .destinationCidrBlock("10.0.0.0/8")
            .sourceCidrBlock("10.0.0.0/8")
            .ruleNumber(1)
            .ruleAction("accept")
            .trafficDirection("egress")
            .build());
        var rulein = new TrafficMirrorFilterRule("rulein", TrafficMirrorFilterRuleArgs.builder()
            .description("test rule")
            .trafficMirrorFilterId(filter.id())
            .destinationCidrBlock("10.0.0.0/8")
            .sourceCidrBlock("10.0.0.0/8")
            .ruleNumber(1)
            .ruleAction("accept")
            .trafficDirection("ingress")
            .protocol(6)
            .destinationPortRange(TrafficMirrorFilterRuleDestinationPortRangeArgs.builder()
                .fromPort(22)
                .toPort(53)
                .build())
            .sourcePortRange(TrafficMirrorFilterRuleSourcePortRangeArgs.builder()
                .fromPort(0)
                .toPort(10)
                .build())
            .build());
    }
}

Import

Traffic mirror rules can be imported using the traffic_mirror_filter_id and id separated by : e.g.,

$ pulumi import aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule rule tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee

Constructors

TrafficMirrorFilterRuleArgs

constructor(description: Output<String>? = null, destinationCidrBlock: Output<String>? = null, destinationPortRange: Output<TrafficMirrorFilterRuleDestinationPortRangeArgs>? = null, protocol: Output<Int>? = null, ruleAction: Output<String>? = null, ruleNumber: Output<Int>? = null, sourceCidrBlock: Output<String>? = null, sourcePortRange: Output<TrafficMirrorFilterRuleSourcePortRangeArgs>? = null, trafficDirection: Output<String>? = null, trafficMirrorFilterId: Output<String>? = null)

Properties

description

val description: Output<String>? = null

Description of the traffic mirror filter rule.

destinationCidrBlock

val destinationCidrBlock: Output<String>? = null

Destination CIDR block to assign to the Traffic Mirror rule.

destinationPortRange

val destinationPortRange: Output<TrafficMirrorFilterRuleDestinationPortRangeArgs>? = null

Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below

protocol

val protocol: Output<Int>? = null

Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.

ruleAction

val ruleAction: Output<String>? = null

Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject

ruleNumber

val ruleNumber: Output<Int>? = null

Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.

sourceCidrBlock

val sourceCidrBlock: Output<String>? = null

Source CIDR block to assign to the Traffic Mirror rule.

sourcePortRange

val sourcePortRange: Output<TrafficMirrorFilterRuleSourcePortRangeArgs>? = null

Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below

trafficDirection

val trafficDirection: Output<String>? = null

Direction of traffic to be captured. Valid values are ingress and egress Traffic mirror port range support following attributes:

trafficMirrorFilterId

val trafficMirrorFilterId: Output<String>? = null

ID of the traffic mirror filter to which this rule should be added

Functions

toJava

open override fun toJava(): TrafficMirrorFilterRuleArgs