Package software.amazon.awssdk.services.fms.model

Class NetworkAclEntry

  • All Implemented Interfaces:
    Serializable, SdkPojo, ToCopyableBuilder<NetworkAclEntry.Builder,​NetworkAclEntry>
    @Generated("software.amazon.awssdk:codegen")
public final class NetworkAclEntry
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<NetworkAclEntry.Builder,​NetworkAclEntry>

    Describes a rule in a network ACL.

    Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the network ACL, Amazon Web Services processes the entries in the network ACL according to the rule numbers, in ascending order.

    When you manage an individual network ACL, you explicitly specify the rule numbers. When you specify the network ACL rules in a Firewall Manager policy, you provide the rules to run first, in the order that you want them to run, and the rules to run last, in the order that you want them to run. Firewall Manager assigns the rule numbers for you when you save the network ACL policy specification.

    See Also:
    Serialized Form

    • Method Detail

      • icmpTypeCode

        public final NetworkAclIcmpTypeCode icmpTypeCode()

        ICMP protocol: The ICMP type and code.

        Returns:
        ICMP protocol: The ICMP type and code.

      • protocol

        public final String protocol()

        The protocol number. A value of "-1" means all protocols.

        Returns:
        The protocol number. A value of "-1" means all protocols.

      • portRange

        public final NetworkAclPortRange portRange()

        TCP or UDP protocols: The range of ports the rule applies to.

        Returns:
        TCP or UDP protocols: The range of ports the rule applies to.

      • cidrBlock

        public final String cidrBlock()

        The IPv4 network range to allow or deny, in CIDR notation.

        Returns:
        The IPv4 network range to allow or deny, in CIDR notation.

      • ipv6CidrBlock

        public final String ipv6CidrBlock()

        The IPv6 network range to allow or deny, in CIDR notation.

        Returns:
        The IPv6 network range to allow or deny, in CIDR notation.

      • ruleActionAsString

        public final String ruleActionAsString()

        Indicates whether to allow or deny the traffic that matches the rule.

        If the service returns an enum value that is not available in the current SDK version, ruleAction will return NetworkAclRuleAction.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from ruleActionAsString().

        Returns:
        Indicates whether to allow or deny the traffic that matches the rule.
        See Also:
        NetworkAclRuleAction

      • egress

        public final Boolean egress()

        Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.

        Returns:
        Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.

      • hashCode

        public final int hashCode()
        Overrides:
        hashCode in class Object

      • equals

        public final boolean equals​(Object obj)
        Overrides:
        equals in class Object

      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object

      • getValueForField

        public final <T> Optional<T> getValueForField​(String fieldName,
                                              Class<T> clazz)