| vpc |
The VPC to create the Network ACL in. See Network ACLs. (Required) |
| ingress-rule set subresource |
A set of ingress rules for the Network ACL.
- rule-number
- A number that determines the rule’s processing order. (Required)
- rule-action
- The action of the rule. Valid values are
allow or deny. (Required)
- protocol
- The protocol of the rule.
-1 means all protocols. Traffic on all ports is allowed if protocol is -1 or a number other than 6 (TCP), 17 (UDP) and 1 (ICMP). (Required)
- cidr-block
- The IPv4 cidr block to apply the rule to.
- ipv6-cidr-block
- The IPv6 cidr block to apply the rule to.
- from-port
- The starting port of the rule.
- to-port
- The ending port of the rule.
- icmp-type
- The ICMP type used for an ICMP request.
- icmp-code
- The ICMP code used for an ICMP request.
|
| egress-rule set subresource |
A list of egress rules for the Network ACL.
- rule-number
- A number that determines the rule’s processing order. (Required)
- rule-action
- The action of the rule. Valid values are
allow or deny. (Required)
- protocol
- The protocol of the rule.
-1 means all protocols. Traffic on all ports is allowed if protocol is -1 or a number other than 6 (TCP), 17 (UDP) and 1 (ICMP). (Required)
- cidr-block
- The IPv4 cidr block to apply the rule to.
- ipv6-cidr-block
- The IPv6 cidr block to apply the rule to.
- from-port
- The starting port of the rule.
- to-port
- The ending port of the rule.
- icmp-type
- The ICMP type used for an ICMP request.
- icmp-code
- The ICMP code used for an ICMP request.
|