Class AWS::EC2::NetworkACL
In: lib/aws/ec2/network_acl/association.rb
lib/aws/ec2/network_acl/entry.rb
lib/aws/ec2/network_acl.rb
Parent: Resource

Represents a network ACL in EC2.

@attr_reader [String] vpc_id

@attr_reader [Boolean] default? Returns true if this is the default
  network ACL.

Methods

Included Modules

TaggedItem

Classes and Modules

Class AWS::EC2::NetworkACL::Association
Class AWS::EC2::NetworkACL::Entry

External Aliases

network_acl_id -> id

Attributes

network_acl_id  [R]  @return [String]

Public Class methods

Public Instance methods

@return [Array<NetworkACL::Association>] Returns an array of
  {NetworkACL::Association} objects (association to subnets).

Adds an entry to this network ACL.

@param [Hash] options

@option options [required,Integer] :rule_number Rule number to
  assign to the entry (e.g., 100). ACL entries are processed in
  ascending order by rule number.

@option options [required,:allow,:deny] :action Whether to
  allow or deny traffic that matches the rule.

@option options [required,Integer] :protocol IP protocol the rule
  applies to. You can use -1 to mean all protocols. You can see a
  list of supported protocol numbers here:
  http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml

@option options [required,String] :cidr_block The CIDR range to
  allow or deny, in CIDR notation (e.g., 172.16.0.0/24).

@option options [Boolean] :egress (false)
  Whether this rule applies to egress traffic from the subnet (true)
  or ingress traffic to the subnet (false).

@option options [Range<Integer>] :port_range A numeric range
  of ports. Required if specifying TCP (6) or UDP (17) for the
  :protocol.

@option options [Integer] :icmp_code For the ICMP protocol, the
  ICMP code. You can use -1 to specify all ICMP codes for the given
  ICMP type.

@option options [Integer] :icmp_type For the ICMP protocol,
  the ICMP type. You can use -1 to specify all ICMP types.

@return [nil]

Deletes the current network ACL. You cannot delete the default network ACL.

@return [nil]

Deletes an entry from this network ACL. To delete an entry you need to know its rule number and whether it is an egress or ingress rule.

  # delete ingress rule 10
  network_acl.delete_entry :ingress, 10

  # delete egress rule 5
  network_acl.delete_entry :egress, 5

@param [:ingress,:egress] egress_or_ingress Specifies if you want to
  delete an ingress or an egress rule.

@param [Integer] rule_number Which rule to delete.

@return [nil]

@return [Array<NetworkACL::Entry>] Returns an array of
  all entries for this network ACL.

Replaces the network ACL entry with the given :rule_number.

@param [Hash] options

@option options [required,Integer] :rule_number Rule number to
  assign to the entry (e.g., 100). ACL entries are processed in
  ascending order by rule number.

@option options [required,:allow,:deny] :action Whether to
  allow or deny traffic that matches the rule.

@option options [required,Integer] :protocol IP protocol the rule
  applies to. You can use -1 to mean all protocols. You can see a
  list of supported protocol numbers here:
  http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml

@option options [required,String] :cidr_block The CIDR range to
  allow or deny, in CIDR notation (e.g., 172.16.0.0/24).

@option options [Boolean] :egress (false)
  Whether this rule applies to egress traffic from the subnet (true)
  or ingress traffic to the subnet (false).

@option options [Range<Integer>] :port_range A numeric range
  of ports. Required if specifying TCP (6) or UDP (17) for the
  :protocol.

@option options [Integer] :icmp_code For the ICMP protocol, the
  ICMP code. You can use -1 to specify all ICMP codes for the given
  ICMP type.

@option options [Integer] :icmp_type For the ICMP protocol,
  the ICMP type. You can use -1 to specify all ICMP types.

@return [nil]
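
The ordering rule stated for :rule_number in the two entry methods above (entries are processed in ascending order, the lowest-numbered match decides, and unmatched traffic hits the implicit deny) is modelled offline in the Ruby below. It is an added example, not SDK code or part of the original documentation, and it also flags entries that a lower-numbered entry fully covers and that therefore never take effect. The helper names and sample entries are hypothetical; only IPv4 is handled and ICMP type/code matching is not modelled.

```ruby
require 'ipaddr'

# Constructed sample entries, keyed like the options documented above.
SAMPLE_ENTRIES = [
  { rule_number: 200, action: :deny,  protocol: 6,  cidr_block: '203.0.113.0/24', port_range: 22..22 },
  { rule_number: 100, action: :allow, protocol: 6,  cidr_block: '0.0.0.0/0',      port_range: 22..22 },
  { rule_number: 300, action: :allow, protocol: -1, cidr_block: '10.0.0.0/8' },
  { rule_number: 100, action: :allow, protocol: -1, cidr_block: '0.0.0.0/0', egress: true }
].freeze

# Entries for one direction, in the order they are evaluated.
def by_number(entries, egress)
  entries.select { |e| e.fetch(:egress, false) == egress }.sort_by { |e| e[:rule_number] }
end

# Does the entry's CIDR block contain all of +cidr+ (a bare address is a /32)?
def cidr_cover?(entry, cidr)
  outer = IPAddr.new(entry[:cidr_block]).to_range
  inner = IPAddr.new(cidr).to_range
  outer.first <= inner.first && inner.last <= outer.last
end

# Does the entry cover every port in +ports+ (a Range, or nil for "all ports")?
def ports_cover?(entry, ports)
  mine = entry[:protocol] == -1 ? nil : entry[:port_range]
  return true if mine.nil?
  !ports.nil? && mine.cover?(ports.first) && mine.cover?(ports.last)
end

# Does the entry match everything described by protocol/cidr/ports?
def covers?(entry, protocol:, cidr:, ports: nil)
  [-1, protocol].include?(entry[:protocol]) && cidr_cover?(entry, cidr) && ports_cover?(entry, ports)
end

# Returns [action, rule_number]; [:deny, nil] stands for the implicit final deny.
def evaluate(entries, protocol:, ip:, port: nil, egress: false)
  hit = by_number(entries, egress).find { |e| covers?(e, protocol: protocol, cidr: ip, ports: port && (port..port)) }
  hit ? [hit[:action], hit[:rule_number]] : [:deny, nil]
end

# Rule numbers that can never decide a packet: a lower-numbered entry covers them fully.
def shadowed_rules(entries, egress: false)
  sorted = by_number(entries, egress)
  sorted.each_with_index.select do |e, i|
    ports = e[:protocol] == -1 ? nil : e[:port_range]
    sorted.first(i).any? { |lo| covers?(lo, protocol: e[:protocol], cidr: e[:cidr_block], ports: ports) }
  end.map { |e, _| e[:rule_number] }
end
```

With the sample entries, the deny at rule 200 is reported as shadowed because the allow at rule 100 matches the same traffic first; renumbering the deny below 100 is what makes it effective.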

@return [Array<Subnet>] Returns an array of subnets ({Subnet})
  that currently use this network ACL.

@return [VPC] Returns the VPC this network ACL belongs to.

Protected Instance methods
