
aws-cdk-lib


Version 2 of the AWS Cloud Development Kit library

import type { IConnectable } from './connections';

/**
 * Address-range fields common to both ingress and egress security group rules.
 *
 * Every field is optional, so the type alone does not guarantee that a rule
 * names exactly one peer; that has to be ensured by whatever builds the config.
 */
export interface RuleConfig {
  /**
   * IPv4 range of the peer, written in CIDR notation.
   *
   * @default - No IPv4 CIDR
   */
  readonly cidrIp?: string;

  /**
   * IPv6 range of the peer, written in CIDR notation.
   *
   * @default - No IPv6 CIDR
   */
  readonly cidrIpv6?: string;
}

/**
 * Peer-identifying fields of an ingress (inbound) security group rule.
 *
 * Extends {@link RuleConfig} with the source-side alternatives to a CIDR:
 * a prefix list, or a security group (optionally qualified by its owner account).
 *
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-ec2-securitygroup-ingress.html
 */
export interface IngressRuleConfig extends RuleConfig {
  /**
   * ID of the prefix list traffic is allowed from.
   *
   * @default - No source prefix list
   */
  readonly sourcePrefixListId?: string;

  /**
   * ID of the security group traffic is allowed from.
   *
   * @default - No source security group
   */
  readonly sourceSecurityGroupId?: string;

  /**
   * AWS account ID that owns the source security group.
   *
   * Only the ingress config carries an owner field; {@link EgressRuleConfig}
   * declares no counterpart.
   *
   * @default - No source security group owner ID
   */
  readonly sourceSecurityGroupOwnerId?: string;
}

/**
 * Peer-identifying fields of an egress (outbound) security group rule.
 *
 * Extends {@link RuleConfig} with the destination-side alternatives to a CIDR.
 *
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-ec2-securitygroup-egress.html
 */
export interface EgressRuleConfig extends RuleConfig {
  /**
   * ID of the prefix list traffic is allowed to.
   *
   * @default - No destination prefix list
   */
  readonly destinationPrefixListId?: string;

  /**
   * ID of the security group traffic is allowed to.
   *
   * @default - No destination security group
   */
  readonly destinationSecurityGroupId?: string;
}

/**
 * Contract for anything that can stand in as the "other side" of a security
 * group rule.
 *
 * Implementations also satisfy `IConnectable`, which is declared in
 * `./connections` and not shown in this file.
 */
export interface IPeer extends IConnectable {
  /**
   * True when a rule for this peer may be inlined into a SecurityGroup,
   * false when it may not.
   */
  readonly canInlineRule: boolean;

  /**
   * Identifier that distinguishes this connection peer from others.
   */
  readonly uniqueId: string;

  /**
   * Render this peer as the ingress rule JSON for the connection.
   *
   * @returns the source-side fields of the rule
   */
  toIngressRuleConfig(): IngressRuleConfig;

  /**
   * Render this peer as the egress rule JSON for the connection.
   *
   * @returns the destination-side fields of the rule
   */
  toEgressRuleConfig(): EgressRuleConfig;
}

/**
 * Factories for peer objects used when managing Security Groups.
 *
 * Each static method returns an {@link IPeer} representing a connection
 * partner in a Security Group rule. Reach for this class when the partner is
 * identified by plain IP addresses or by a prefix list ID.
 *
 * To address a partner by Security Group, pass the Security Group (or the
 * construct containing one) directly: it already implements `IPeer`.
 *
 * The constructor is protected, so outside code obtains peers only through
 * the static factories below.
 */
export declare class Peer {
  /**
   * Build an IPv4 peer from a CIDR range.
   *
   * NOTE(review): this declaration does not show what validation, if any, is
   * applied to the string; confirm against the implementation before relying
   * on it to reject malformed or overly broad ranges.
   *
   * @param cidrIp - the IPv4 range in CIDR notation
   */
  static ipv4(cidrIp: string): IPeer;

  /**
   * A peer matching any IPv4 address, i.e. the entire IPv4 space (0.0.0.0/0).
   *
   * As the peer of an ingress rule this admits traffic from every IPv4
   * source, so it belongs only on ports meant to be publicly reachable;
   * prefer {@link Peer.ipv4} with a narrow range everywhere else.
   */
  static anyIpv4(): IPeer;

  /**
   * Build an IPv6 peer from a CIDR range.
   *
   * NOTE(review): as with {@link Peer.ipv4}, input validation is not visible
   * in this declaration.
   *
   * @param cidrIp - the IPv6 range in CIDR notation
   */
  static ipv6(cidrIp: string): IPeer;

  /**
   * A peer matching any IPv6 address, i.e. the entire IPv6 space (::/0).
   *
   * Restricting only the IPv4 side of a rule set leaves IPv6 open if this
   * peer is also allowed; review both address families together.
   */
  static anyIpv6(): IPeer;

  /**
   * A peer identified by a prefix list.
   *
   * @param prefixListId - ID of the prefix list
   */
  static prefixList(prefixListId: string): IPeer;

  /**
   * A peer identified by a security group ID.
   *
   * @param securityGroupId - ID of the security group
   * @param sourceSecurityGroupOwnerId - optional; presumably the AWS account
   *   that owns the group, surfaced as
   *   `IngressRuleConfig.sourceSecurityGroupOwnerId` (confirm against the
   *   implementation). When a group in another account is referenced, check
   *   that the account ID is the intended one.
   */
  static securityGroupId(securityGroupId: string, sourceSecurityGroupOwnerId?: string): IPeer;

  protected constructor();
}