1 | /**
|
2 | * Either an IPv4 or an IPv6 CIDR
|
3 | *
|
4 | *
|
5 | */
|
6 | export declare abstract class AclCidr {
|
7 | /**
|
8 | * An IP network range in CIDR notation (for example, 172.16.0.0/24).
|
9 | */
|
10 | static ipv4(ipv4Cidr: string): AclCidr;
|
11 | /**
|
12 | * The CIDR containing all IPv4 addresses (i.e., 0.0.0.0/0)
|
13 | */
|
14 | static anyIpv4(): AclCidr;
|
15 | /**
|
16 | * An IPv6 network range in CIDR notation (for example, 2001:db8::/48)
|
17 | */
|
18 | static ipv6(ipv6Cidr: string): AclCidr;
|
19 | /**
|
20 | * The CIDR containing all IPv6 addresses (i.e., ::/0)
|
21 | */
|
22 | static anyIpv6(): AclCidr;
|
23 | abstract toCidrConfig(): AclCidrConfig;
|
24 | }
|
25 | /**
|
26 | * Acl Configuration for CIDR
|
27 | *
|
28 | *
|
29 | */
|
30 | export interface AclCidrConfig {
|
31 | /**
|
32 | * Ipv4 CIDR
|
33 | */
|
34 | readonly cidrBlock?: string;
|
35 | /**
|
36 | * Ipv6 CIDR
|
37 | */
|
38 | readonly ipv6CidrBlock?: string;
|
39 | }
|
40 | /**
|
41 | * The traffic that is configured using a Network ACL entry
|
42 | *
|
43 | *
|
44 | */
|
45 | export declare abstract class AclTraffic {
|
46 | /**
|
47 | * Apply the ACL entry to all traffic
|
48 | */
|
49 | static allTraffic(): AclTraffic;
|
50 | /**
|
51 | * Apply the ACL entry to ICMP traffic of given type and code
|
52 | */
|
53 | static icmp(props: AclIcmp): AclTraffic;
|
54 | /**
|
55 | * Apply the ACL entry to ICMPv6 traffic of given type and code
|
56 | *
|
57 | * Requires an IPv6 CIDR block.
|
58 | */
|
59 | static icmpv6(props: AclIcmp): AclTraffic;
|
60 | /**
|
61 | * Apply the ACL entry to TCP traffic on a given port
|
62 | */
|
63 | static tcpPort(port: number): AclTraffic;
|
64 | /**
|
65 | * Apply the ACL entry to TCP traffic on a given port range
|
66 | */
|
67 | static tcpPortRange(startPort: number, endPort: number): AclTraffic;
|
68 | /**
|
69 | * Apply the ACL entry to UDP traffic on a given port
|
70 | */
|
71 | static udpPort(port: number): AclTraffic;
|
72 | /**
|
73 | * Apply the ACL entry to UDP traffic on a given port range
|
74 | */
|
75 | static udpPortRange(startPort: number, endPort: number): AclTraffic;
|
76 | abstract toTrafficConfig(): AclTrafficConfig;
|
77 | }
|
78 | /**
|
79 | * Acl Configuration for traffic
|
80 | *
|
81 | *
|
82 | */
|
83 | export interface AclTrafficConfig {
|
84 | /**
|
85 | * The Internet Control Message Protocol (ICMP) code and type.
|
86 | *
|
87 | * @default - Required if specifying 1 (ICMP) for the protocol parameter.
|
88 | */
|
89 | readonly icmp?: AclIcmp;
|
90 | /**
|
91 | * The range of port numbers for the UDP/TCP protocol.
|
92 | *
|
93 | * @default - Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter
|
94 | */
|
95 | readonly portRange?: AclPortRange;
|
96 | /**
|
97 | * The protocol number.
|
98 | *
|
99 | * A value of "-1" means all protocols.
|
100 | *
|
101 | * If you specify "-1" or a protocol number other than "6" (TCP), "17" (UDP),
|
102 | * or "1" (ICMP), traffic on all ports is allowed, regardless of any ports or
|
103 | * ICMP types or codes that you specify.
|
104 | *
|
105 | * If you specify protocol "58" (ICMPv6) and specify an IPv4 CIDR
|
106 | * block, traffic for all ICMP types and codes allowed, regardless of any that
|
107 | * you specify. If you specify protocol "58" (ICMPv6) and specify an IPv6 CIDR
|
108 | * block, you must specify an ICMP type and code.
|
109 | *
|
110 | * @default 17
|
111 | */
|
112 | readonly protocol: number;
|
113 | }
|
114 | /**
|
115 | * Properties to create Icmp
|
116 | *
|
117 | *
|
118 | */
|
119 | export interface AclIcmp {
|
120 | /**
|
121 | * The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types.
|
122 | * Conditional requirement: Required if you specify 1 (ICMP) for the CreateNetworkAclEntry protocol parameter.
|
123 | */
|
124 | readonly type?: number;
|
125 | /**
|
126 | * The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP
|
127 | * codes for the given ICMP type. Requirement is conditional: Required if you
|
128 | * specify 1 (ICMP) for the protocol parameter.
|
129 | */
|
130 | readonly code?: number;
|
131 | }
|
132 | /**
|
133 | * Properties to create PortRange
|
134 | *
|
135 | *
|
136 | */
|
137 | export interface AclPortRange {
|
138 | /**
|
139 | * The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.
|
140 | */
|
141 | readonly from?: number;
|
142 | /**
|
143 | * The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.
|
144 | */
|
145 | readonly to?: number;
|
146 | }
|