Class SecurityGroupRuleConfig

NetworkConfig / VpcConfig | VpcTemplatesConfig / SecurityGroupConfig / SecurityGroupRuleConfig

Security group rule configuration. Use this configuration to define ingress and egress rules for your security groups. The rules of a security group control the inbound traffic that's allowed to reach the resources that are associated with the security group. The rules also control the outbound traffic that's allowed to leave them.

Example

CIDR source:

- description: Remote access security group
  types:
    - RDP
    - SSH
  sources:
    - 10.0.0.0/16

Security group source:

- description: Remote access security group
  types:
    - RDP
    - SSH
  sources:
    - securityGroups:
      - accelerator-sg

Prefix list source:

- description: Remote access security group
  types:
    - RDP
    - SSH
  sources:
    - prefixLists:
      - accelerator-pl

Subnet source:

- description: Remote access security group
  types:
    - RDP
    - SSH
  sources:
    - account: Network
      vpc: Network-Endpoints
      subnets:
        - Network-Endpoints-A

Hierarchy

  • SecurityGroupRuleConfig

Implements

Constructors

constructor

Properties

description fromPort sources tcpPorts toPort types udpPorts

Constructors

constructor

Properties

Readonly description

description: string = ''

A description for the security group rule.

Readonly fromPort

fromPort: undefined | number = undefined

(OPTIONAL) The port to start from in the security group rule.

Remarks

Use only for rules that are using the TCP, UDP, or ICMP types. Leave undefined for other rule types.

For TCP/UDP rules, this is the start of the port range.

For ICMP rules, this is the ICMP type number. A value of -1 indicates all types. The value of toPort must also be -1 if this value is -1.

Readonly sources

sources: string[] | SecurityGroupSourceConfig[] | PrefixListSourceConfig[] | SubnetSourceConfig[] = []

An array of sources for the security group rule.

Remarks

Valid sources are CIDR ranges, security group rules, prefix lists, and subnets.

See

SecurityGroupSourceConfig | PrefixListSourceConfig | SubnetSourceConfig

Readonly tcpPorts

tcpPorts: undefined | number[] = undefined

(OPTIONAL) An array of TCP ports to include in the security group rule.

Remarks

Use this property when you need to define ports that are not the common applications available in types. Leave undefined if using the types property.

Readonly toPort

toPort: undefined | number = undefined

(OPTIONAL) The port to end with in the security group rule.

Remarks

Use only for rules that are using the TCP, UDP, or ICMP types. Leave undefined for other rule types.

For TCP/UDP type rules, this is the end of the port range.

For ICMP type rules, this is the ICMP code number. A value of -1 indicates all types. The value must be -1 if the value of fromPort is -1.

Readonly types

types: undefined | ("HTTP" | "ALL" | "TCP" | "UDP" | "REDSHIFT" | "HTTPS" | "SSH" | "POSTGRESQL" | "ICMP" | "RDP" | "MSSQL" | "MYSQL/AURORA" | "ORACLE-RDS")[] = undefined

(OPTIONAL) An array of port/protocol types to include in the security group rule.

Remarks

  • Use ALL to create a rule that allows all ports/protocols.
  • Use ICMP along with fromPort and toPort to create ICMP protocol rules. ICMP fromPort/toPort values use the same convention as the CloudFormation reference.
  • Use TCP or UDP along with fromPort and toPort to create TCP/UDP rules that target a range of ports.
  • Use any of the other common types included to create a rule that allows that specific application port/protocol.
  • You can leave this property undefined and use tcpPorts and udpPorts independently to define multiple TCP/UDP rules.

See

securityGroupRuleTypeEnum

Readonly udpPorts

udpPorts: undefined | number[] = undefined

(OPTIONAL) An array of UDP ports to include in the security group rule.

Remarks

Use this property when you need to define ports that are not the common applications available in types. Leave undefined if using the types property.

Settings

Member Visibility

Theme

Generated using TypeDoc