NetworkConfig / VpcConfig | VpcTemplatesConfig / NetworkAclConfig / NetworkAclInboundRuleConfig

Network ACL inbound rule configuration.

Use this configuration to define inbound rules for your network ACLs. An inbound rule allows or denies specific inbound traffic at the subnet level.

The following example allows inbound SSH traffic from source CIDR 10.0.0.0/16:

- rule: 200
  protocol: 6
  fromPort: 22
  toPort: 22
  action: allow
  source: 10.0.0.0/16

interface INetworkAclInboundRuleConfig {
    action: AllowDeny;
    fromPort: number;
    protocol: number;
    rule: number;
    source: string | INetworkAclSubnetSelection;
    toPort: number;
}

Properties

action: AllowDeny

The action for the network ACL rule.

fromPort: number

The port to start from in the network ACL rule.

protocol: number

The IANA protocol number for the network ACL rule. You may also specify -1 for all protocols.

rule: number

The rule ID number for the rule.

CAUTION: Changing this property value causes the rule to be recreated. This may temporarily impact your network traffic while the rule is updated.

Rules are evaluated in order from low to high and must be unique per direction. As soon as a rule matches traffic, it's applied regardless of any higher-numbered rule that might contradict it.

source: string | INetworkAclSubnetSelection

The source of the network ACL rule.

Possible values are a CIDR range or a network ACL subnet selection configuration.

NetworkAclSubnetSelection

toPort: number

The port to end with in the network ACL rule.
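
The first-match ordering and per-direction uniqueness described under the rule property can be checked before deployment. The following is an added example, not code from the project this page documents: `InboundRule`, `Packet`, `evaluateInbound`, `duplicateRuleNumbers` and `sampleRules` are hypothetical names, `source` is assumed to be an IPv4 CIDR string (subnet selections are not resolved), and the final fallback models the implicit deny that ends every AWS network ACL.

```typescript
// Added example: field names mirror INetworkAclInboundRuleConfig; source is limited to an IPv4 CIDR string.
type AllowDeny = 'allow' | 'deny';
interface InboundRule {
  rule: number; protocol: number; fromPort: number; toPort: number;
  action: AllowDeny; source: string;
}
interface Packet { protocol: number; port: number; sourceIp: string; }

// Convert a dotted-quad IPv4 address to an unsigned 32-bit integer.
function ipToInt(ip: string): number {
  return ip.split('.').reduce((acc, octet) => ((acc << 8) | Number(octet)) >>> 0, 0);
}

// True when ip falls inside the IPv4 CIDR block.
function inCidr(ip: string, cidr: string): boolean {
  const slash = cidr.indexOf('/');
  const bits = Number(cidr.slice(slash + 1));
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ipToInt(ip) & mask) >>> 0) === ((ipToInt(cidr.slice(0, slash)) & mask) >>> 0);
}

// Rule numbers must be unique per direction; returns each duplicated number once.
function duplicateRuleNumbers(rules: InboundRule[]): number[] {
  const numbers = rules.map((r) => r.rule).sort((a, b) => a - b);
  return numbers.filter((n, i) => n === numbers[i - 1] && n !== numbers[i - 2]);
}

// Lowest rule number first, first match wins; unmatched traffic hits the implicit deny.
function evaluateInbound(rules: InboundRule[], pkt: Packet): { action: AllowDeny; matchedRule: number | null } {
  for (const r of rules.slice().sort((a, b) => a.rule - b.rule)) {
    const protoOk = r.protocol === -1 || r.protocol === pkt.protocol;
    // Port ranges are only compared for TCP (6) and UDP (17).
    const portOk = (r.protocol !== 6 && r.protocol !== 17) || (pkt.port >= r.fromPort && pkt.port <= r.toPort);
    if (protoOk && portOk && inCidr(pkt.sourceIp, r.source)) return { action: r.action, matchedRule: r.rule };
  }
  return { action: 'deny', matchedRule: null };
}

// Constructed sample: rule 200 is the SSH allow from the page; rule 100 is a hypothetical narrower deny.
const sampleRules: InboundRule[] = [
  { rule: 200, protocol: 6, fromPort: 22, toPort: 22, action: 'allow', source: '10.0.0.0/16' },
  { rule: 100, protocol: 6, fromPort: 22, toPort: 22, action: 'deny', source: '10.0.5.0/24' },
];
```

With the constructed rules, SSH from 10.0.5.0/24 is denied by rule 100 even though rule 200 allows the enclosing /16, which is the shadowing effect to look for when reviewing rule numbers.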