Network Acl Rule Args
data class NetworkAclRuleArgs(val cidrBlock: Output<String>? = null, val egress: Output<Boolean>? = null, val fromPort: Output<Int>? = null, val icmpCode: Output<Int>? = null, val icmpType: Output<Int>? = null, val ipv6CidrBlock: Output<String>? = null, val networkAclId: Output<String>? = null, val protocol: Output<String>? = null, val ruleAction: Output<String>? = null, val ruleNumber: Output<Int>? = null, val toPort: Output<Int>? = null) : ConvertibleToJava<NetworkAclRuleArgs>
Creates an entry (a rule) in a network ACL with the specified rule number.
NOTE on Network ACLs and Network ACL Rules: This provider currently provides both a standalone Network ACL Rule resource and a Network ACL resource with rules defined in-line. At this time you cannot use a Network ACL with in-line rules in conjunction with any Network ACL Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.
Example Usage
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.NetworkAcl;
import com.pulumi.aws.ec2.NetworkAclArgs;
import com.pulumi.aws.ec2.NetworkAclRule;
import com.pulumi.aws.ec2.NetworkAclRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // aws_vpc.foo stands for a VPC resource declared elsewhere in the program.
        var barNetworkAcl = new NetworkAcl("barNetworkAcl", NetworkAclArgs.builder()
            .vpcId(aws_vpc.foo().id())
            .build());

        // Standalone ingress rule 200: allow TCP port 22 (SSH) from the VPC's own CIDR block.
        var barNetworkAclRule = new NetworkAclRule("barNetworkAclRule", NetworkAclRuleArgs.builder()
            .networkAclId(barNetworkAcl.id())
            .ruleNumber(200)
            .egress(false)
            .protocol("tcp")
            .ruleAction("allow")
            .cidrBlock(aws_vpc.foo().cidr_block())
            .fromPort(22)
            .toPort(22)
            .build());
    }
}
Import
Use pulumi import to import individual rules using NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS, where PROTOCOL can be a decimal (such as "6") or string (such as "tcp") value. For example:
Using the protocol's string value:
$ pulumi import aws:ec2/networkAclRule:NetworkAclRule my_rule acl-7aaabd18:100:tcp:false
Using the protocol's decimal value:
$ pulumi import aws:ec2/networkAclRule:NetworkAclRule my_rule acl-7aaabd18:100:6:false
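The import ID format above, as an added example (not part of the provider's documentation or code): a POSIX shell helper that validates NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS and rewrites the protocol to its decimal form, so the string and decimal spellings of one rule compare equal before it is imported twice and ends up managed by two resources. The function names and the name-to-number table (tcp, udp, icmp only) are assumptions of this example.

```shell
#!/bin/sh
# Added example: canonicalise NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS import IDs.

# Print the decimal form of a protocol. Assumption: only tcp/udp/icmp names are
# mapped (IANA numbers); "-1" (all protocols in AWS) and plain decimals pass through.
proto_to_decimal() {
    case "$1" in
        tcp)  printf '%s\n' 6 ;;
        udp)  printf '%s\n' 17 ;;
        icmp) printf '%s\n' 1 ;;
        -1)   printf '%s\n' -1 ;;
        ''|*[!0-9]*) return 1 ;;   # unknown name or malformed number
        *)    printf '%s\n' "$1" ;;
    esac
}

# Validate an import ID and print it with the protocol in decimal form.
# Returns non-zero (and prints nothing) if any field is malformed.
canonical_rule_id() {
    id=$1
    case "$id" in
        *:*:*:*:*) return 1 ;;   # too many fields
        *:*:*:*)   ;;            # exactly three separators
        *)         return 1 ;;   # too few fields
    esac
    acl=${id%%:*};   rest=${id#*:}
    num=${rest%%:*}; rest=${rest#*:}
    proto=${rest%%:*}
    egress=${rest#*:}
    case "$acl" in acl-?*) ;; *) return 1 ;; esac      # prefix as in the page's example
    case "$num" in ''|*[!0-9]*) return 1 ;; esac       # rule number must be decimal digits
    case "$egress" in true|false) ;; *) return 1 ;; esac
    dec=$(proto_to_decimal "$proto") || return 1
    printf '%s:%s:%s:%s\n' "$acl" "$num" "$dec" "$egress"
}

# Succeed when two import IDs name the same rule; return 2 if either is malformed.
same_rule() {
    a=$(canonical_rule_id "$1") || return 2
    b=$(canonical_rule_id "$2") || return 2
    [ "$a" = "$b" ]
}

# The two IDs from the import commands on this page name one rule.
same_rule "acl-7aaabd18:100:tcp:false" "acl-7aaabd18:100:6:false" && echo "same rule"
```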
Constructors
fun NetworkAclRuleArgs(cidrBlock: Output<String>? = null, egress: Output<Boolean>? = null, fromPort: Output<Int>? = null, icmpCode: Output<Int>? = null, icmpType: Output<Int>? = null, ipv6CidrBlock: Output<String>? = null, networkAclId: Output<String>? = null, protocol: Output<String>? = null, ruleAction: Output<String>? = null, ruleNumber: Output<Int>? = null, toPort: Output<Int>? = null)