VM::EC2::VPC::NetworkAcl::Entry - VPC Network ACL entry
Description
This object represents an Amazon EC2 VPC network ACL entry.
Methods
These object methods are supported:
    ruleNumber    -- Specific rule number for the entry. ACL entries are
                     processed in ascending order by rule number.
    protocol      -- Protocol. A value of -1 means all protocols.
                     See: http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml
                     for a list of protocol numbers.
    ruleAction    -- Whether to allow or deny the traffic that matches the
                     rule. Valid values: allow | deny
    egress        -- Boolean flag to indicate an egress rule (rule is
                     applied to traffic leaving the subnet). Value of true
                     indicates egress.
    cidrBlock     -- The network range to allow or deny, in CIDR notation.
    icmpType      -- For the ICMP protocol, this is the ICMP type.
    icmpCode      -- For the ICMP protocol, this is the ICMP code.
    portRangeFrom -- For the TCP or UDP protocols, the starting range of ports the
                     rule applies to.
    portRangeTo   -- For the TCP or UDP protocols, the ending range of ports the
                     rule applies to.
    port_from     -- Alias for portRangeFrom
    port_to       -- Alias for portRangeTo
The object also supports the tags() method described in VM::EC2::Generic.
See Also
VM::EC2 VM::EC2::Generic VM::EC2::Tag VM::EC2::VPC VM::EC2::VPC::NetworkAcl
String Overloading
When used in a string context, this object will interpolate the rule number.
Synopsis
    use VM::EC2;
    my $ec2 = VM::EC2->new(...);
    my $acl = $ec2->describe_network_acls(-network_acl_id=>'acl-12345678');
    my @entries = $acl->entries;

    # print outgoing icmp rules
    for my $e (@entries) {
        if ($e->egress && $e->protocol == 1) {  # icmp = 1
            print $e->ruleNumber,"\n",
                  $e->ruleAction,"\n",
                  $e->cidrBlock,"\n",
                  $e->icmpType,"\n",
                  $e->icmpCode,"\n";
        }
    }

    # print incoming tcp rules
    for my $e (@entries) {
        if (! $e->egress && $e->protocol == 6) {  # tcp = 6
            print $e->ruleNumber,"\n",
                  $e->ruleAction,"\n",
                  $e->cidrBlock,"\n",
                  $e->port_from,'-',$e->port_to,"\n";
        }
    }
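Because entries are processed in ascending order by rule number, the first matching entry decides the outcome and can shadow a later, more specific one. The following is an added example, not part of the VM::EC2 distribution, that finds the deciding entry for a given packet using only the accessors documented above. SampleEntry, ip_in_cidr and first_match are hypothetical names, the ACL is constructed sample data, and the check assumes IPv4 and does not evaluate icmpType/icmpCode.

```perl
use strict;
use warnings;

# Constructed stand-in for VM::EC2::VPC::NetworkAcl::Entry so this runs offline;
# it exposes only accessors documented on this page.
package SampleEntry {
    sub new { my ($class, %f) = @_; return bless {%f}, $class }
    for my $m (qw(ruleNumber protocol ruleAction egress cidrBlock
                  portRangeFrom portRangeTo)) {
        no strict 'refs';
        *{"SampleEntry::$m"} = sub { $_[0]{$m} };
    }
}

# True if the IPv4 address $ip falls inside $cidr (assumption: IPv4 only).
sub ip_in_cidr {
    my ($ip, $cidr) = @_;
    my ($net, $bits) = split m{/}, $cidr;
    my $mask = $bits ? (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF : 0;
    my ($i, $n) = map { unpack('N', pack('C4', split /\./, $_)) } $ip, $net;
    return ($i & $mask) == ($n & $mask);
}

# Return the first entry, in ascending ruleNumber order, that matches the packet.
sub first_match {
    my ($entries, %pkt) = @_;    # %pkt keys: egress, protocol, ip, port
    for my $e (sort { $a->ruleNumber <=> $b->ruleNumber } @$entries) {
        next if ($e->egress xor $pkt{egress});
        next unless $e->protocol == -1 || $e->protocol == $pkt{protocol};
        next unless ip_in_cidr($pkt{ip}, $e->cidrBlock);
        next if ($e->protocol == 6 || $e->protocol == 17)    # port range: TCP/UDP only
            && ($pkt{port} < $e->portRangeFrom || $pkt{port} > $e->portRangeTo);
        return $e;
    }
    return;
}

# Constructed sample ACL: rule 200 is shadowed by rule 100 for 10.9.0.0/16.
my @acl = map { SampleEntry->new(egress => 0, %$_) } (
    { ruleNumber => 100, protocol => 6, ruleAction => 'allow',
      cidrBlock => '10.0.0.0/8', portRangeFrom => 22, portRangeTo => 22 },
    { ruleNumber => 200, protocol => 6, ruleAction => 'deny',
      cidrBlock => '10.9.0.0/16', portRangeFrom => 22, portRangeTo => 22 },
    { ruleNumber => 300, protocol => 6, ruleAction => 'deny',
      cidrBlock => '0.0.0.0/0', portRangeFrom => 22, portRangeTo => 22 },
);
for my $src (qw(10.9.4.4 203.0.113.9)) {
    my $e = first_match(\@acl, egress => 0, protocol => 6, ip => $src, port => 22);
    printf "%-12s tcp/22 -> %s\n", $src,
        $e ? $e->ruleAction . ' (rule ' . $e->ruleNumber . ')' : 'no entry matched';
}
```

Passing the list returned by $acl->entries in place of the constructed @acl runs the same check against a live ACL, since first_match calls only the documented accessors.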
