class Aws::SecurityHub::Types::AwsEc2SecurityGroupIpPermission

An IP permission for an EC2 security group.

@note When making an API call, you may pass AwsEc2SecurityGroupIpPermission

data as a hash:

    {
      ip_protocol: "NonEmptyString",
      from_port: 1,
      to_port: 1,
      user_id_group_pairs: [
        {
          group_id: "NonEmptyString",
          group_name: "NonEmptyString",
          peering_status: "NonEmptyString",
          user_id: "NonEmptyString",
          vpc_id: "NonEmptyString",
          vpc_peering_connection_id: "NonEmptyString",
        },
      ],
      ip_ranges: [
        {
          cidr_ip: "NonEmptyString",
        },
      ],
      ipv_6_ranges: [
        {
          cidr_ipv_6: "NonEmptyString",
        },
      ],
      prefix_list_ids: [
        {
          prefix_list_id: "NonEmptyString",
        },
      ],
    }

@!attribute [rw] ip_protocol

The IP protocol name (`tcp`, `udp`, `icmp`, `icmpv6`) or number.

\[VPC only\] Use `-1` to specify all protocols.

When authorizing security group rules, specifying -1 or a protocol
number other than `tcp`, `udp`, `icmp`, or `icmpv6` allows traffic
on all ports, regardless of any port range you specify.

For `tcp`, `udp`, and `icmp`, you must specify a port range.

For `icmpv6`, the port range is optional. If you omit the port
range, traffic for all types and codes is allowed.
@return [String]

@!attribute [rw] from_port

The start of the port range for the TCP and UDP protocols, or an
ICMP/ICMPv6 type number.

A value of -1 indicates all ICMP/ICMPv6 types. If you specify all
ICMP/ICMPv6 types, you must specify all codes.
@return [Integer]

@!attribute [rw] to_port

The end of the port range for the TCP and UDP protocols, or an
ICMP/ICMPv6 code.

A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all
ICMP/ICMPv6 types, you must specify all codes.
@return [Integer]

@!attribute [rw] user_id_group_pairs

The security group and Amazon Web Services account ID pairs.
@return [Array<Types::AwsEc2SecurityGroupUserIdGroupPair>]

@!attribute [rw] ip_ranges

The IPv4 ranges.
@return [Array<Types::AwsEc2SecurityGroupIpRange>]

@!attribute [rw] ipv_6_ranges

The IPv6 ranges.
@return [Array<Types::AwsEc2SecurityGroupIpv6Range>]

@!attribute [rw] prefix_list_ids

\[VPC only\] The prefix list IDs for an Amazon Web Services service.
With outbound rules, this is the Amazon Web Services service to
access through a VPC endpoint from instances associated with the
security group.
@return [Array<Types::AwsEc2SecurityGroupPrefixListId>]

@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2SecurityGroupIpPermission AWS API Documentation

Constants

SENSITIVE