-
Notifications
You must be signed in to change notification settings - Fork 17
/
CfnSecurityGroupEgressProps.go
69 lines (66 loc) · 4.51 KB
/
CfnSecurityGroupEgressProps.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
package awsec2
// Properties for defining a `CfnSecurityGroupEgress`.
//
// Example:
// // The code below shows an example of how to instantiate this type.
// // The values are placeholders you should change.
// import "github.com/aws/aws-cdk-go/awscdk"
//
// cfnSecurityGroupEgressProps := &CfnSecurityGroupEgressProps{
// GroupId: jsii.String("groupId"),
// IpProtocol: jsii.String("ipProtocol"),
//
// // the properties below are optional
// CidrIp: jsii.String("cidrIp"),
// CidrIpv6: jsii.String("cidrIpv6"),
// Description: jsii.String("description"),
// DestinationPrefixListId: jsii.String("destinationPrefixListId"),
// DestinationSecurityGroupId: jsii.String("destinationSecurityGroupId"),
// FromPort: jsii.Number(123),
// ToPort: jsii.Number(123),
// }
//
type CfnSecurityGroupEgressProps struct {
// The ID of the security group.
//
// You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
GroupId *string `field:"required" json:"groupId" yaml:"groupId"`
// The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).
//
// [VPC only] Use `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpProtocol *string `field:"required" json:"ipProtocol" yaml:"ipProtocol"`
// The IPv4 address range, in CIDR format.
//
// You must specify a destination security group ( `DestinationPrefixListId` or `DestinationSecurityGroupId` ) or a CIDR range ( `CidrIp` or `CidrIpv6` ).
//
// For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .
CidrIp *string `field:"optional" json:"cidrIp" yaml:"cidrIp"`
// The IPv6 address range, in CIDR format.
//
// You must specify a destination security group ( `DestinationPrefixListId` or `DestinationSecurityGroupId` ) or a CIDR range ( `CidrIp` or `CidrIpv6` ).
//
// For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .
CidrIpv6 *string `field:"optional" json:"cidrIpv6" yaml:"cidrIpv6"`
// The description of an egress (outbound) security group rule.
//
// Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
Description *string `field:"optional" json:"description" yaml:"description"`
// [EC2-VPC only] The prefix list IDs for an AWS service.
//
// This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.
//
// You must specify a destination security group ( `DestinationPrefixListId` or `DestinationSecurityGroupId` ) or a CIDR range ( `CidrIp` or `CidrIpv6` ).
DestinationPrefixListId *string `field:"optional" json:"destinationPrefixListId" yaml:"destinationPrefixListId"`
// The ID of the security group.
//
// You must specify a destination security group ( `DestinationPrefixListId` or `DestinationSecurityGroupId` ) or a CIDR range ( `CidrIp` or `CidrIpv6` ).
DestinationSecurityGroupId *string `field:"optional" json:"destinationSecurityGroupId" yaml:"destinationSecurityGroupId"`
// If the protocol is TCP or UDP, this is the start of the port range.
//
// If the protocol is ICMP or ICMPv6, this is the type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all ICMP/ICMPv6 codes.
FromPort *float64 `field:"optional" json:"fromPort" yaml:"fromPort"`
// If the protocol is TCP or UDP, this is the end of the port range.
//
// If the protocol is ICMP or ICMPv6, this is the code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all ICMP/ICMPv6 codes.
ToPort *float64 `field:"optional" json:"toPort" yaml:"toPort"`
}