github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/ec2/networkAcl.go (about) 1 // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. 2 // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** 3 4 package ec2 5 6 import ( 7 "context" 8 "reflect" 9 10 "errors" 11 "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal" 12 "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 13 ) 14 15 // Provides an network ACL resource. You might set up network ACLs with rules similar 16 // to your security groups in order to add an additional layer of security to your VPC. 17 // 18 // > **NOTE on Network ACLs and Network ACL Rules:** This provider currently 19 // provides both a standalone Network ACL Rule resource and a Network ACL resource with rules 20 // defined in-line. At this time you cannot use a Network ACL with in-line rules 21 // in conjunction with any Network ACL Rule resources. Doing so will cause 22 // a conflict of rule settings and will overwrite rules. 23 // 24 // > **NOTE on Network ACLs and Network ACL Associations:** the provider provides both a standalone network ACL association 25 // resource and a network ACL resource with a `subnetIds` attribute. Do not use the same subnet ID in both a network ACL 26 // resource and a network ACL association resource. Doing so will cause a conflict of associations and will overwrite the association. 27 // 28 // ## Example Usage 29 // 30 // <!--Start PulumiCodeChooser --> 31 // ```go 32 // package main 33 // 34 // import ( 35 // 36 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2" 37 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 38 // 39 // ) 40 // 41 // func main() { 42 // pulumi.Run(func(ctx *pulumi.Context) error { 43 // _, err := ec2.NewNetworkAcl(ctx, "main", &ec2.NetworkAclArgs{ 44 // VpcId: pulumi.Any(mainAwsVpc.Id), 45 // Egress: ec2.NetworkAclEgressArray{ 46 // &ec2.NetworkAclEgressArgs{ 47 // Protocol: pulumi.String("tcp"), 48 // RuleNo: pulumi.Int(200), 49 // Action: pulumi.String("allow"), 50 // CidrBlock: pulumi.String("10.3.0.0/18"), 51 // FromPort: pulumi.Int(443), 52 // ToPort: pulumi.Int(443), 53 // }, 54 // }, 55 // Ingress: ec2.NetworkAclIngressArray{ 56 // &ec2.NetworkAclIngressArgs{ 57 // Protocol: pulumi.String("tcp"), 58 // RuleNo: pulumi.Int(100), 59 // Action: pulumi.String("allow"), 60 // CidrBlock: pulumi.String("10.3.0.0/18"), 61 // FromPort: pulumi.Int(80), 62 // ToPort: pulumi.Int(80), 63 // }, 64 // }, 65 // Tags: pulumi.StringMap{ 66 // "Name": pulumi.String("main"), 67 // }, 68 // }) 69 // if err != nil { 70 // return err 71 // } 72 // return nil 73 // }) 74 // } 75 // 76 // ``` 77 // <!--End PulumiCodeChooser --> 78 // 79 // ## Import 80 // 81 // Using `pulumi import`, import Network ACLs using the `id`. For example: 82 // 83 // ```sh 84 // $ pulumi import aws:ec2/networkAcl:NetworkAcl main acl-7aaabd18 85 // ``` 86 type NetworkAcl struct { 87 pulumi.CustomResourceState 88 89 // The ARN of the network ACL 90 Arn pulumi.StringOutput `pulumi:"arn"` 91 // Specifies an egress rule. Parameters defined below. 92 Egress NetworkAclEgressArrayOutput `pulumi:"egress"` 93 // Specifies an ingress rule. Parameters defined below. 94 Ingress NetworkAclIngressArrayOutput `pulumi:"ingress"` 95 // The ID of the AWS account that owns the network ACL. 96 OwnerId pulumi.StringOutput `pulumi:"ownerId"` 97 // A list of Subnet IDs to apply the ACL to 98 SubnetIds pulumi.StringArrayOutput `pulumi:"subnetIds"` 99 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 100 Tags pulumi.StringMapOutput `pulumi:"tags"` 101 // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 102 // 103 // Deprecated: Please use `tags` instead. 104 TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` 105 // The ID of the associated VPC. 106 VpcId pulumi.StringOutput `pulumi:"vpcId"` 107 } 108 109 // NewNetworkAcl registers a new resource with the given unique name, arguments, and options. 110 func NewNetworkAcl(ctx *pulumi.Context, 111 name string, args *NetworkAclArgs, opts ...pulumi.ResourceOption) (*NetworkAcl, error) { 112 if args == nil { 113 return nil, errors.New("missing one or more required arguments") 114 } 115 116 if args.VpcId == nil { 117 return nil, errors.New("invalid value for required argument 'VpcId'") 118 } 119 opts = internal.PkgResourceDefaultOpts(opts) 120 var resource NetworkAcl 121 err := ctx.RegisterResource("aws:ec2/networkAcl:NetworkAcl", name, args, &resource, opts...) 122 if err != nil { 123 return nil, err 124 } 125 return &resource, nil 126 } 127 128 // GetNetworkAcl gets an existing NetworkAcl resource's state with the given name, ID, and optional 129 // state properties that are used to uniquely qualify the lookup (nil if not required). 130 func GetNetworkAcl(ctx *pulumi.Context, 131 name string, id pulumi.IDInput, state *NetworkAclState, opts ...pulumi.ResourceOption) (*NetworkAcl, error) { 132 var resource NetworkAcl 133 err := ctx.ReadResource("aws:ec2/networkAcl:NetworkAcl", name, id, state, &resource, opts...) 134 if err != nil { 135 return nil, err 136 } 137 return &resource, nil 138 } 139 140 // Input properties used for looking up and filtering NetworkAcl resources. 141 type networkAclState struct { 142 // The ARN of the network ACL 143 Arn *string `pulumi:"arn"` 144 // Specifies an egress rule. Parameters defined below. 145 Egress []NetworkAclEgress `pulumi:"egress"` 146 // Specifies an ingress rule. Parameters defined below. 147 Ingress []NetworkAclIngress `pulumi:"ingress"` 148 // The ID of the AWS account that owns the network ACL. 149 OwnerId *string `pulumi:"ownerId"` 150 // A list of Subnet IDs to apply the ACL to 151 SubnetIds []string `pulumi:"subnetIds"` 152 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 153 Tags map[string]string `pulumi:"tags"` 154 // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 155 // 156 // Deprecated: Please use `tags` instead. 157 TagsAll map[string]string `pulumi:"tagsAll"` 158 // The ID of the associated VPC. 159 VpcId *string `pulumi:"vpcId"` 160 } 161 162 type NetworkAclState struct { 163 // The ARN of the network ACL 164 Arn pulumi.StringPtrInput 165 // Specifies an egress rule. Parameters defined below. 166 Egress NetworkAclEgressArrayInput 167 // Specifies an ingress rule. Parameters defined below. 168 Ingress NetworkAclIngressArrayInput 169 // The ID of the AWS account that owns the network ACL. 170 OwnerId pulumi.StringPtrInput 171 // A list of Subnet IDs to apply the ACL to 172 SubnetIds pulumi.StringArrayInput 173 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 174 Tags pulumi.StringMapInput 175 // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 176 // 177 // Deprecated: Please use `tags` instead. 178 TagsAll pulumi.StringMapInput 179 // The ID of the associated VPC. 180 VpcId pulumi.StringPtrInput 181 } 182 183 func (NetworkAclState) ElementType() reflect.Type { 184 return reflect.TypeOf((*networkAclState)(nil)).Elem() 185 } 186 187 type networkAclArgs struct { 188 // Specifies an egress rule. Parameters defined below. 189 Egress []NetworkAclEgress `pulumi:"egress"` 190 // Specifies an ingress rule. Parameters defined below. 191 Ingress []NetworkAclIngress `pulumi:"ingress"` 192 // A list of Subnet IDs to apply the ACL to 193 SubnetIds []string `pulumi:"subnetIds"` 194 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 195 Tags map[string]string `pulumi:"tags"` 196 // The ID of the associated VPC. 197 VpcId string `pulumi:"vpcId"` 198 } 199 200 // The set of arguments for constructing a NetworkAcl resource. 201 type NetworkAclArgs struct { 202 // Specifies an egress rule. Parameters defined below. 203 Egress NetworkAclEgressArrayInput 204 // Specifies an ingress rule. Parameters defined below. 205 Ingress NetworkAclIngressArrayInput 206 // A list of Subnet IDs to apply the ACL to 207 SubnetIds pulumi.StringArrayInput 208 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 209 Tags pulumi.StringMapInput 210 // The ID of the associated VPC. 211 VpcId pulumi.StringInput 212 } 213 214 func (NetworkAclArgs) ElementType() reflect.Type { 215 return reflect.TypeOf((*networkAclArgs)(nil)).Elem() 216 } 217 218 type NetworkAclInput interface { 219 pulumi.Input 220 221 ToNetworkAclOutput() NetworkAclOutput 222 ToNetworkAclOutputWithContext(ctx context.Context) NetworkAclOutput 223 } 224 225 func (*NetworkAcl) ElementType() reflect.Type { 226 return reflect.TypeOf((**NetworkAcl)(nil)).Elem() 227 } 228 229 func (i *NetworkAcl) ToNetworkAclOutput() NetworkAclOutput { 230 return i.ToNetworkAclOutputWithContext(context.Background()) 231 } 232 233 func (i *NetworkAcl) ToNetworkAclOutputWithContext(ctx context.Context) NetworkAclOutput { 234 return pulumi.ToOutputWithContext(ctx, i).(NetworkAclOutput) 235 } 236 237 // NetworkAclArrayInput is an input type that accepts NetworkAclArray and NetworkAclArrayOutput values. 238 // You can construct a concrete instance of `NetworkAclArrayInput` via: 239 // 240 // NetworkAclArray{ NetworkAclArgs{...} } 241 type NetworkAclArrayInput interface { 242 pulumi.Input 243 244 ToNetworkAclArrayOutput() NetworkAclArrayOutput 245 ToNetworkAclArrayOutputWithContext(context.Context) NetworkAclArrayOutput 246 } 247 248 type NetworkAclArray []NetworkAclInput 249 250 func (NetworkAclArray) ElementType() reflect.Type { 251 return reflect.TypeOf((*[]*NetworkAcl)(nil)).Elem() 252 } 253 254 func (i NetworkAclArray) ToNetworkAclArrayOutput() NetworkAclArrayOutput { 255 return i.ToNetworkAclArrayOutputWithContext(context.Background()) 256 } 257 258 func (i NetworkAclArray) ToNetworkAclArrayOutputWithContext(ctx context.Context) NetworkAclArrayOutput { 259 return pulumi.ToOutputWithContext(ctx, i).(NetworkAclArrayOutput) 260 } 261 262 // NetworkAclMapInput is an input type that accepts NetworkAclMap and NetworkAclMapOutput values. 263 // You can construct a concrete instance of `NetworkAclMapInput` via: 264 // 265 // NetworkAclMap{ "key": NetworkAclArgs{...} } 266 type NetworkAclMapInput interface { 267 pulumi.Input 268 269 ToNetworkAclMapOutput() NetworkAclMapOutput 270 ToNetworkAclMapOutputWithContext(context.Context) NetworkAclMapOutput 271 } 272 273 type NetworkAclMap map[string]NetworkAclInput 274 275 func (NetworkAclMap) ElementType() reflect.Type { 276 return reflect.TypeOf((*map[string]*NetworkAcl)(nil)).Elem() 277 } 278 279 func (i NetworkAclMap) ToNetworkAclMapOutput() NetworkAclMapOutput { 280 return i.ToNetworkAclMapOutputWithContext(context.Background()) 281 } 282 283 func (i NetworkAclMap) ToNetworkAclMapOutputWithContext(ctx context.Context) NetworkAclMapOutput { 284 return pulumi.ToOutputWithContext(ctx, i).(NetworkAclMapOutput) 285 } 286 287 type NetworkAclOutput struct{ *pulumi.OutputState } 288 289 func (NetworkAclOutput) ElementType() reflect.Type { 290 return reflect.TypeOf((**NetworkAcl)(nil)).Elem() 291 } 292 293 func (o NetworkAclOutput) ToNetworkAclOutput() NetworkAclOutput { 294 return o 295 } 296 297 func (o NetworkAclOutput) ToNetworkAclOutputWithContext(ctx context.Context) NetworkAclOutput { 298 return o 299 } 300 301 // The ARN of the network ACL 302 func (o NetworkAclOutput) Arn() pulumi.StringOutput { 303 return o.ApplyT(func(v *NetworkAcl) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) 304 } 305 306 // Specifies an egress rule. Parameters defined below. 307 func (o NetworkAclOutput) Egress() NetworkAclEgressArrayOutput { 308 return o.ApplyT(func(v *NetworkAcl) NetworkAclEgressArrayOutput { return v.Egress }).(NetworkAclEgressArrayOutput) 309 } 310 311 // Specifies an ingress rule. Parameters defined below. 312 func (o NetworkAclOutput) Ingress() NetworkAclIngressArrayOutput { 313 return o.ApplyT(func(v *NetworkAcl) NetworkAclIngressArrayOutput { return v.Ingress }).(NetworkAclIngressArrayOutput) 314 } 315 316 // The ID of the AWS account that owns the network ACL. 317 func (o NetworkAclOutput) OwnerId() pulumi.StringOutput { 318 return o.ApplyT(func(v *NetworkAcl) pulumi.StringOutput { return v.OwnerId }).(pulumi.StringOutput) 319 } 320 321 // A list of Subnet IDs to apply the ACL to 322 func (o NetworkAclOutput) SubnetIds() pulumi.StringArrayOutput { 323 return o.ApplyT(func(v *NetworkAcl) pulumi.StringArrayOutput { return v.SubnetIds }).(pulumi.StringArrayOutput) 324 } 325 326 // A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. 327 func (o NetworkAclOutput) Tags() pulumi.StringMapOutput { 328 return o.ApplyT(func(v *NetworkAcl) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput) 329 } 330 331 // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. 332 // 333 // Deprecated: Please use `tags` instead. 334 func (o NetworkAclOutput) TagsAll() pulumi.StringMapOutput { 335 return o.ApplyT(func(v *NetworkAcl) pulumi.StringMapOutput { return v.TagsAll }).(pulumi.StringMapOutput) 336 } 337 338 // The ID of the associated VPC. 339 func (o NetworkAclOutput) VpcId() pulumi.StringOutput { 340 return o.ApplyT(func(v *NetworkAcl) pulumi.StringOutput { return v.VpcId }).(pulumi.StringOutput) 341 } 342 343 type NetworkAclArrayOutput struct{ *pulumi.OutputState } 344 345 func (NetworkAclArrayOutput) ElementType() reflect.Type { 346 return reflect.TypeOf((*[]*NetworkAcl)(nil)).Elem() 347 } 348 349 func (o NetworkAclArrayOutput) ToNetworkAclArrayOutput() NetworkAclArrayOutput { 350 return o 351 } 352 353 func (o NetworkAclArrayOutput) ToNetworkAclArrayOutputWithContext(ctx context.Context) NetworkAclArrayOutput { 354 return o 355 } 356 357 func (o NetworkAclArrayOutput) Index(i pulumi.IntInput) NetworkAclOutput { 358 return pulumi.All(o, i).ApplyT(func(vs []interface{}) *NetworkAcl { 359 return vs[0].([]*NetworkAcl)[vs[1].(int)] 360 }).(NetworkAclOutput) 361 } 362 363 type NetworkAclMapOutput struct{ *pulumi.OutputState } 364 365 func (NetworkAclMapOutput) ElementType() reflect.Type { 366 return reflect.TypeOf((*map[string]*NetworkAcl)(nil)).Elem() 367 } 368 369 func (o NetworkAclMapOutput) ToNetworkAclMapOutput() NetworkAclMapOutput { 370 return o 371 } 372 373 func (o NetworkAclMapOutput) ToNetworkAclMapOutputWithContext(ctx context.Context) NetworkAclMapOutput { 374 return o 375 } 376 377 func (o NetworkAclMapOutput) MapIndex(k pulumi.StringInput) NetworkAclOutput { 378 return pulumi.All(o, k).ApplyT(func(vs []interface{}) *NetworkAcl { 379 return vs[0].(map[string]*NetworkAcl)[vs[1].(string)] 380 }).(NetworkAclOutput) 381 } 382 383 func init() { 384 pulumi.RegisterInputType(reflect.TypeOf((*NetworkAclInput)(nil)).Elem(), &NetworkAcl{}) 385 pulumi.RegisterInputType(reflect.TypeOf((*NetworkAclArrayInput)(nil)).Elem(), NetworkAclArray{}) 386 pulumi.RegisterInputType(reflect.TypeOf((*NetworkAclMapInput)(nil)).Elem(), NetworkAclMap{}) 387 pulumi.RegisterOutputType(NetworkAclOutput{}) 388 pulumi.RegisterOutputType(NetworkAclArrayOutput{}) 389 pulumi.RegisterOutputType(NetworkAclMapOutput{}) 390 }