-
Notifications
You must be signed in to change notification settings - Fork 17
/
awsec2_SecurityGroupProps.go
63 lines (60 loc) · 2.62 KB
/
awsec2_SecurityGroupProps.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package awsec2
// Example:
// var vpc vpc
//
//
// securityGroup1 := ec2.NewSecurityGroup(this, jsii.String("SecurityGroup1"), &securityGroupProps{
// vpc: vpc,
// })
// lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &applicationLoadBalancerProps{
// vpc: vpc,
// internetFacing: jsii.Boolean(true),
// securityGroup: securityGroup1,
// })
//
// securityGroup2 := ec2.NewSecurityGroup(this, jsii.String("SecurityGroup2"), &securityGroupProps{
// vpc: vpc,
// })
// lb.addSecurityGroup(securityGroup2)
//
type SecurityGroupProps struct {
// The VPC in which to create the security group.
Vpc IVpc `field:"required" json:"vpc" yaml:"vpc"`
// Whether to allow all outbound ipv6 traffic by default.
//
// If this is set to true, there will only be a single egress rule which allows all
// outbound ipv6 traffic. If this is set to false, no outbound traffic will be allowed by
// default and all egress ipv6 traffic must be explicitly authorized.
//
// To allow all ipv4 traffic use allowAllOutbound.
AllowAllIpv6Outbound *bool `field:"optional" json:"allowAllIpv6Outbound" yaml:"allowAllIpv6Outbound"`
// Whether to allow all outbound traffic by default.
//
// If this is set to true, there will only be a single egress rule which allows all
// outbound traffic. If this is set to false, no outbound traffic will be allowed by
// default and all egress traffic must be explicitly authorized.
//
// To allow all ipv6 traffic use allowAllIpv6Outbound.
AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
// A description of the security group.
Description *string `field:"optional" json:"description" yaml:"description"`
// Whether to disable inline ingress and egress rule optimization.
//
// If this is set to true, ingress and egress rules will not be declared under the
// SecurityGroup in cloudformation, but will be separate elements.
//
// Inlining rules is an optimization for producing smaller stack templates. Sometimes
// this is not desirable, for example when security group access is managed via tags.
//
// The default value can be overriden globally by setting the context variable
// '@aws-cdk/aws-ec2.securityGroupDisableInlineRules'.
DisableInlineRules *bool `field:"optional" json:"disableInlineRules" yaml:"disableInlineRules"`
// The name of the security group.
//
// For valid values, see the GroupName
// parameter of the CreateSecurityGroup action in the Amazon EC2 API
// Reference.
//
// It is not recommended to use an explicit group name.
SecurityGroupName *string `field:"optional" json:"securityGroupName" yaml:"securityGroupName"`
}