Package software.amazon.awscdk.services.ec2

Class CfnSecurityGroupIngress

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.ec2.CfnSecurityGroupIngress
All Implemented Interfaces:
IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.89.0 (build 2f74b3e)", date="2023-10-26T00:56:06.884Z") @Stability(Stable) public class CfnSecurityGroupIngress extends CfnResource implements IInspectable
Adds an inbound rule to a security group.

An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address range, or from the instances associated with the specified security group.

You must specify only one of the following properties: CidrIp , CidrIpv6 , SourcePrefixListId , SourceSecurityGroupId , or SourceSecurityGroupName .

You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify a port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.

You must specify a source security group ( SourcePrefixListId , SourceSecurityGroupId , or SourceSecurityGroupName ) or a CIDR range ( CidrIp or CidrIpv6 ). If you do not specify one of these parameters, the stack will launch successfully but the rule will not be added to the security group.

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ec2.*;
 CfnSecurityGroupIngress cfnSecurityGroupIngress = CfnSecurityGroupIngress.Builder.create(this, "MyCfnSecurityGroupIngress")
         .ipProtocol("ipProtocol")
         // the properties below are optional
         .cidrIp("cidrIp")
         .cidrIpv6("cidrIpv6")
         .description("description")
         .fromPort(123)
         .groupId("groupId")
         .groupName("groupName")
         .sourcePrefixListId("sourcePrefixListId")
         .sourceSecurityGroupId("sourceSecurityGroupId")
         .sourceSecurityGroupName("sourceSecurityGroupName")
         .sourceSecurityGroupOwnerId("sourceSecurityGroupOwnerId")
         .toPort(123)
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnSecurityGroupIngress

      protected CfnSecurityGroupIngress(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnSecurityGroupIngress

      protected CfnSecurityGroupIngress(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnSecurityGroupIngress

      @Stability(Stable) public CfnSecurityGroupIngress(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnSecurityGroupIngressProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrId

      @Stability(Stable) @NotNull public String getAttrId()

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getIpProtocol

      @Stability(Stable) @NotNull public String getIpProtocol()
      The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).

    • setIpProtocol

      @Stability(Stable) public void setIpProtocol(@NotNull String value)
      The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).

    • getCidrIp

      @Stability(Stable) @Nullable public String getCidrIp()
      The IPv4 address range, in CIDR format.

    • setCidrIp

      @Stability(Stable) public void setCidrIp(@Nullable String value)
      The IPv4 address range, in CIDR format.

    • getCidrIpv6

      @Stability(Stable) @Nullable public String getCidrIpv6()
      The IPv6 address range, in CIDR format.

    • setCidrIpv6

      @Stability(Stable) public void setCidrIpv6(@Nullable String value)
      The IPv6 address range, in CIDR format.

    • getDescription

      @Stability(Stable) @Nullable public String getDescription()
      Updates the description of an ingress (inbound) security group rule.

    • setDescription

      @Stability(Stable) public void setDescription(@Nullable String value)
      Updates the description of an ingress (inbound) security group rule.

    • getFromPort

      @Stability(Stable) @Nullable public Number getFromPort()
      The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number.

    • setFromPort

      @Stability(Stable) public void setFromPort(@Nullable Number value)
      The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number.

    • getGroupId

      @Stability(Stable) @Nullable public String getGroupId()
      The ID of the security group.

    • setGroupId

      @Stability(Stable) public void setGroupId(@Nullable String value)
      The ID of the security group.

    • getGroupName

      @Stability(Stable) @Nullable public String getGroupName()
      The name of the security group.

    • setGroupName

      @Stability(Stable) public void setGroupName(@Nullable String value)
      The name of the security group.

    • getSourcePrefixListId

      @Stability(Stable) @Nullable public String getSourcePrefixListId()
      The ID of a prefix list.

    • setSourcePrefixListId

      @Stability(Stable) public void setSourcePrefixListId(@Nullable String value)
      The ID of a prefix list.

    • getSourceSecurityGroupId

      @Stability(Stable) @Nullable public String getSourceSecurityGroupId()
      The ID of the security group.

    • setSourceSecurityGroupId

      @Stability(Stable) public void setSourceSecurityGroupId(@Nullable String value)
      The ID of the security group.

    • getSourceSecurityGroupName

      @Stability(Stable) @Nullable public String getSourceSecurityGroupName()
      [Default VPC] The name of the source security group.

    • setSourceSecurityGroupName

      @Stability(Stable) public void setSourceSecurityGroupName(@Nullable String value)
      [Default VPC] The name of the source security group.

    • getSourceSecurityGroupOwnerId

      @Stability(Stable) @Nullable public String getSourceSecurityGroupOwnerId()
      [nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account.

    • setSourceSecurityGroupOwnerId

      @Stability(Stable) public void setSourceSecurityGroupOwnerId(@Nullable String value)
      [nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account.

    • getToPort

      @Stability(Stable) @Nullable public Number getToPort()
      The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.

    • setToPort

      @Stability(Stable) public void setToPort(@Nullable Number value)
      The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.