Readonly
description
A description for the security group rule.
Readonly
fromPort
(OPTIONAL) The port to start from in the security group rule.
Use only for rules that are using the TCP, UDP, or ICMP types. Leave undefined for other rule types.
For TCP/UDP rules, this is the start of the port range.
For ICMP rules, this is the ICMP type number. A value of -1 indicates all types.
The value of toPort must also be -1 if this value is -1.
Readonly
sources
An array of sources for the security group rule.
Valid sources are CIDR ranges, security group rules, prefix lists, and subnets.
SecurityGroupSourceConfig | PrefixListSourceConfig | SubnetSourceConfig
Readonly
tcpPorts
(OPTIONAL) An array of TCP ports to include in the security group rule.
Use this property when you need to define ports that are not the common applications available in types.
Leave undefined if using the types property.
Readonly
toPort
(OPTIONAL) The port to end with in the security group rule.
Use only for rules that are using the TCP, UDP, or ICMP types. Leave undefined for other rule types.
For TCP/UDP type rules, this is the end of the port range.
For ICMP type rules, this is the ICMP code number. A value of -1 indicates all types.
The value must be -1 if the value of fromPort is -1.
Readonly
types
(OPTIONAL) An array of port/protocol types to include in the security group rule.
Use ALL to create a rule that allows all ports/protocols.
Use ICMP along with fromPort and toPort to create ICMP protocol rules. ICMP fromPort/toPort values use the same convention as the CloudFormation reference.
Use TCP or UDP along with fromPort and toPort to create TCP/UDP rules that target a range of ports.
Use tcpPorts and udpPorts independently to define multiple TCP/UDP rules.
Readonly
udpPorts
(OPTIONAL) An array of UDP ports to include in the security group rule.
Use this property when you need to define ports that are not the common applications available in types.
Leave undefined if using the types property.
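A lint-style check for the property constraints documented above, written as an added example and not taken from the project's own code. RuleLike and validateRule are hypothetical names; requiring fromPort and toPort together, the 0-65535 bound, the rejection of -1 in TCP/UDP ranges, and the ALL/0.0.0.0/0 warning are assumptions layered on top of the documented rules.

```typescript
// Added example, not the project's code. Property names come from the
// reference above; RuleLike and validateRule are hypothetical helpers.
type RuleLike = {
  description: string;
  types?: string[];
  tcpPorts?: number[];
  udpPorts?: number[];
  fromPort?: number;
  toPort?: number;
  sources: unknown[];
};

const isPort = (p: number): boolean => Math.floor(p) === p && p >= 0 && p <= 65535;

function validateRule(rule: RuleLike): string[] {
  const errors: string[] = [];
  const types = rule.types ?? [];
  const portLists = (rule.tcpPorts ?? []).concat(rule.udpPorts ?? []);
  const { fromPort, toPort } = rule;
  const hasRange = fromPort !== undefined || toPort !== undefined;

  // tcpPorts/udpPorts are left undefined when types is used.
  if (types.length > 0 && portLists.length > 0) {
    errors.push('types cannot be combined with tcpPorts/udpPorts');
  }
  if (!portLists.every(isPort)) errors.push('tcpPorts/udpPorts entries must be 0-65535');

  // fromPort/toPort apply only to the TCP, UDP and ICMP types.
  const rangeTypes = types.filter(t => ['TCP', 'UDP', 'ICMP'].indexOf(t) !== -1);
  if (hasRange && rangeTypes.length === 0) {
    errors.push('fromPort/toPort require a TCP, UDP or ICMP type');
  }
  if (hasRange && (fromPort === undefined || toPort === undefined)) {
    errors.push('fromPort and toPort must be set together'); // assumption
  } else if (fromPort !== undefined && toPort !== undefined) {
    // -1 ("all") must appear on both sides or on neither.
    if ((fromPort === -1) !== (toPort === -1)) {
      errors.push('fromPort and toPort must both be -1 if either is');
    }
    // For TCP/UDP the pair is a port range, so -1 is rejected there (assumption).
    const isPortRange = rangeTypes.some(t => t !== 'ICMP');
    if (isPortRange && !(isPort(fromPort) && isPort(toPort) && fromPort <= toPort)) {
      errors.push('TCP/UDP range must satisfy 0 <= fromPort <= toPort <= 65535');
    }
  }
  // ALL allows every port and protocol; flag it when open to any IPv4 address.
  if (types.indexOf('ALL') !== -1 && rule.sources.indexOf('0.0.0.0/0') !== -1) {
    errors.push('ALL from 0.0.0.0/0 exposes every port and protocol');
  }
  return errors;
}
```
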
NetworkConfig / VpcConfig | VpcTemplatesConfig / SecurityGroupConfig / SecurityGroupRuleConfig
Security group rule configuration. Use this configuration to define ingress and egress rules for your security groups. The rules of a security group control the inbound traffic that's allowed to reach the resources that are associated with the security group. The rules also control the outbound traffic that's allowed to leave them.
Example
CIDR source:
Security group source:
Prefix list source:
Subnet source: