class Aws::SecurityHub::Types::AwsEc2SecurityGroupIpPermission
An IP permission for an EC2 security group.
@note When making an API call, you may pass AwsEc2SecurityGroupIpPermission
  data as a hash:

      {
        ip_protocol: "NonEmptyString",
        from_port: 1,
        to_port: 1,
        user_id_group_pairs: [
          {
            group_id: "NonEmptyString",
            group_name: "NonEmptyString",
            peering_status: "NonEmptyString",
            user_id: "NonEmptyString",
            vpc_id: "NonEmptyString",
            vpc_peering_connection_id: "NonEmptyString",
          },
        ],
        ip_ranges: [
          {
            cidr_ip: "NonEmptyString",
          },
        ],
        ipv_6_ranges: [
          {
            cidr_ipv_6: "NonEmptyString",
          },
        ],
        prefix_list_ids: [
          {
            prefix_list_id: "NonEmptyString",
          },
        ],
      }
@!attribute [rw] ip_protocol
The IP protocol name (`tcp`, `udp`, `icmp`, `icmpv6`) or number. [VPC only] Use `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp`, `udp`, `icmp`, or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp`, `udp`, and `icmp`, you must specify a port range. For `icmpv6`, the port range is optional. If you omit the port range, traffic for all types and codes is allowed.
@return [String]
@!attribute [rw] from_port
The start of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
@return [Integer]
@!attribute [rw] to_port
The end of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
@return [Integer]
@!attribute [rw] user_id_group_pairs
The security group and Amazon Web Services account ID pairs.
@return [Array<Types::AwsEc2SecurityGroupUserIdGroupPair>]
@!attribute [rw] ip_ranges
The IPv4 ranges.
@return [Array<Types::AwsEc2SecurityGroupIpRange>]
@!attribute [rw] ipv_6_ranges
The IPv6 ranges.
@return [Array<Types::AwsEc2SecurityGroupIpv6Range>]
@!attribute [rw] prefix_list_ids
[VPC only] The prefix list IDs for an Amazon Web Services service. With outbound rules, this is the Amazon Web Services service to access through a VPC endpoint from instances associated with the security group.
@return [Array<Types::AwsEc2SecurityGroupPrefixListId>]
@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2SecurityGroupIpPermission AWS API Documentation
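
The `ip_protocol` rule above (a value of `-1`, or any protocol other than `tcp`, `udp`, `icmp`, `icmpv6`, ignores the port range) is easy to miss when reviewing findings. The following is an added example, not part of the SDK: it triages hashes of the shape shown in the `@note` for rules open to every address. The helper names, `ADMIN_PORTS`, and the sample rules are assumptions made for illustration.

```ruby
require "ipaddr"

# IANA numbers for the four protocols the ip_protocol docs name.
PROTO_BY_NUMBER = { "6" => "tcp", "17" => "udp", "1" => "icmp", "58" => "icmpv6" }.freeze
ADMIN_PORTS = [22, 3389].freeze # assumption: ports this review treats as sensitive

# Ports the rule really allows: a Range, :all, or :icmp (type/code, not ports).
def effective_ports(perm)
  proto = perm[:ip_protocol].to_s.downcase
  proto = PROTO_BY_NUMBER.fetch(proto, proto)
  # "-1" or any other protocol allows all ports, whatever from_port/to_port say.
  return :all unless PROTO_BY_NUMBER.value?(proto)
  return :icmp if proto.start_with?("icmp")
  from, to = perm.values_at(:from_port, :to_port)
  return :all if from.nil? || to.nil? # assumption: treat a missing range as widest
  from..to
end

# True when the CIDR has prefix length 0 (0.0.0.0/0, ::/0, or e.g. 1.2.3.4/0).
def any_address?(cidr)
  IPAddr.new(cidr).prefix.zero?
rescue IPAddr::Error
  false
end

# Returns nil unless the rule admits every address; otherwise a summary hash.
def triage(perm)
  cidrs = (perm[:ip_ranges] || []).map { |r| r[:cidr_ip] } +
          (perm[:ipv_6_ranges] || []).map { |r| r[:cidr_ipv_6] }
  exposed = cidrs.compact.select { |cidr| any_address?(cidr) }
  return nil if exposed.empty?
  ports = effective_ports(perm)
  admin = case ports
          when :all then ADMIN_PORTS
          when Range then ADMIN_PORTS.select { |port| ports.cover?(port) }
          else []
          end
  { open_to: exposed, ports: ports, admin_ports: admin }
end

# Constructed sample rules in the hash shape shown in the @note above.
SAMPLE_RULES = [
  { ip_protocol: "tcp", from_port: 22, to_port: 22, ip_ranges: [{ cidr_ip: "0.0.0.0/0" }] },
  { ip_protocol: "-1", from_port: 443, to_port: 443, ipv_6_ranges: [{ cidr_ipv_6: "::/0" }] },
  { ip_protocol: "tcp", from_port: 443, to_port: 443, ip_ranges: [{ cidr_ip: "10.0.0.0/8" }] }
].freeze

SAMPLE_RULES.each { |rule| p triage(rule) }
```

The second sample rule names port 443 but is reported with `ports: :all`, because its protocol is `-1`.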
Constants
- SENSITIVE