1. Packages
  2. AWS Classic
  3. API Docs
  4. ec2
  5. TrafficMirrorFilterRule

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi

aws.ec2.TrafficMirrorFilterRule

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi

    Provides an Traffic mirror filter rule.
    Read limits and considerations for traffic mirroring

    Example Usage

    To create a basic traffic mirror session

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const filter = new aws.ec2.TrafficMirrorFilter("filter", {
        description: "traffic mirror filter - example",
        networkServices: ["amazon-dns"],
    });
    const ruleout = new aws.ec2.TrafficMirrorFilterRule("ruleout", {
        description: "test rule",
        trafficMirrorFilterId: filter.id,
        destinationCidrBlock: "10.0.0.0/8",
        sourceCidrBlock: "10.0.0.0/8",
        ruleNumber: 1,
        ruleAction: "accept",
        trafficDirection: "egress",
    });
    const rulein = new aws.ec2.TrafficMirrorFilterRule("rulein", {
        description: "test rule",
        trafficMirrorFilterId: filter.id,
        destinationCidrBlock: "10.0.0.0/8",
        sourceCidrBlock: "10.0.0.0/8",
        ruleNumber: 1,
        ruleAction: "accept",
        trafficDirection: "ingress",
        protocol: 6,
        destinationPortRange: {
            fromPort: 22,
            toPort: 53,
        },
        sourcePortRange: {
            fromPort: 0,
            toPort: 10,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    filter = aws.ec2.TrafficMirrorFilter("filter",
        description="traffic mirror filter - example",
        network_services=["amazon-dns"])
    ruleout = aws.ec2.TrafficMirrorFilterRule("ruleout",
        description="test rule",
        traffic_mirror_filter_id=filter.id,
        destination_cidr_block="10.0.0.0/8",
        source_cidr_block="10.0.0.0/8",
        rule_number=1,
        rule_action="accept",
        traffic_direction="egress")
    rulein = aws.ec2.TrafficMirrorFilterRule("rulein",
        description="test rule",
        traffic_mirror_filter_id=filter.id,
        destination_cidr_block="10.0.0.0/8",
        source_cidr_block="10.0.0.0/8",
        rule_number=1,
        rule_action="accept",
        traffic_direction="ingress",
        protocol=6,
        destination_port_range=aws.ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs(
            from_port=22,
            to_port=53,
        ),
        source_port_range=aws.ec2.TrafficMirrorFilterRuleSourcePortRangeArgs(
            from_port=0,
            to_port=10,
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		filter, err := ec2.NewTrafficMirrorFilter(ctx, "filter", &ec2.TrafficMirrorFilterArgs{
    			Description: pulumi.String("traffic mirror filter - example"),
    			NetworkServices: pulumi.StringArray{
    				pulumi.String("amazon-dns"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ec2.NewTrafficMirrorFilterRule(ctx, "ruleout", &ec2.TrafficMirrorFilterRuleArgs{
    			Description:           pulumi.String("test rule"),
    			TrafficMirrorFilterId: filter.ID(),
    			DestinationCidrBlock:  pulumi.String("10.0.0.0/8"),
    			SourceCidrBlock:       pulumi.String("10.0.0.0/8"),
    			RuleNumber:            pulumi.Int(1),
    			RuleAction:            pulumi.String("accept"),
    			TrafficDirection:      pulumi.String("egress"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ec2.NewTrafficMirrorFilterRule(ctx, "rulein", &ec2.TrafficMirrorFilterRuleArgs{
    			Description:           pulumi.String("test rule"),
    			TrafficMirrorFilterId: filter.ID(),
    			DestinationCidrBlock:  pulumi.String("10.0.0.0/8"),
    			SourceCidrBlock:       pulumi.String("10.0.0.0/8"),
    			RuleNumber:            pulumi.Int(1),
    			RuleAction:            pulumi.String("accept"),
    			TrafficDirection:      pulumi.String("ingress"),
    			Protocol:              pulumi.Int(6),
    			DestinationPortRange: &ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs{
    				FromPort: pulumi.Int(22),
    				ToPort:   pulumi.Int(53),
    			},
    			SourcePortRange: &ec2.TrafficMirrorFilterRuleSourcePortRangeArgs{
    				FromPort: pulumi.Int(0),
    				ToPort:   pulumi.Int(10),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var filter = new Aws.Ec2.TrafficMirrorFilter("filter", new()
        {
            Description = "traffic mirror filter - example",
            NetworkServices = new[]
            {
                "amazon-dns",
            },
        });
    
        var ruleout = new Aws.Ec2.TrafficMirrorFilterRule("ruleout", new()
        {
            Description = "test rule",
            TrafficMirrorFilterId = filter.Id,
            DestinationCidrBlock = "10.0.0.0/8",
            SourceCidrBlock = "10.0.0.0/8",
            RuleNumber = 1,
            RuleAction = "accept",
            TrafficDirection = "egress",
        });
    
        var rulein = new Aws.Ec2.TrafficMirrorFilterRule("rulein", new()
        {
            Description = "test rule",
            TrafficMirrorFilterId = filter.Id,
            DestinationCidrBlock = "10.0.0.0/8",
            SourceCidrBlock = "10.0.0.0/8",
            RuleNumber = 1,
            RuleAction = "accept",
            TrafficDirection = "ingress",
            Protocol = 6,
            DestinationPortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs
            {
                FromPort = 22,
                ToPort = 53,
            },
            SourcePortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleSourcePortRangeArgs
            {
                FromPort = 0,
                ToPort = 10,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.TrafficMirrorFilter;
    import com.pulumi.aws.ec2.TrafficMirrorFilterArgs;
    import com.pulumi.aws.ec2.TrafficMirrorFilterRule;
    import com.pulumi.aws.ec2.TrafficMirrorFilterRuleArgs;
    import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs;
    import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleSourcePortRangeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var filter = new TrafficMirrorFilter("filter", TrafficMirrorFilterArgs.builder()        
                .description("traffic mirror filter - example")
                .networkServices("amazon-dns")
                .build());
    
            var ruleout = new TrafficMirrorFilterRule("ruleout", TrafficMirrorFilterRuleArgs.builder()        
                .description("test rule")
                .trafficMirrorFilterId(filter.id())
                .destinationCidrBlock("10.0.0.0/8")
                .sourceCidrBlock("10.0.0.0/8")
                .ruleNumber(1)
                .ruleAction("accept")
                .trafficDirection("egress")
                .build());
    
            var rulein = new TrafficMirrorFilterRule("rulein", TrafficMirrorFilterRuleArgs.builder()        
                .description("test rule")
                .trafficMirrorFilterId(filter.id())
                .destinationCidrBlock("10.0.0.0/8")
                .sourceCidrBlock("10.0.0.0/8")
                .ruleNumber(1)
                .ruleAction("accept")
                .trafficDirection("ingress")
                .protocol(6)
                .destinationPortRange(TrafficMirrorFilterRuleDestinationPortRangeArgs.builder()
                    .fromPort(22)
                    .toPort(53)
                    .build())
                .sourcePortRange(TrafficMirrorFilterRuleSourcePortRangeArgs.builder()
                    .fromPort(0)
                    .toPort(10)
                    .build())
                .build());
    
        }
    }
    
    resources:
      filter:
        type: aws:ec2:TrafficMirrorFilter
        properties:
          description: traffic mirror filter - example
          networkServices:
            - amazon-dns
      ruleout:
        type: aws:ec2:TrafficMirrorFilterRule
        properties:
          description: test rule
          trafficMirrorFilterId: ${filter.id}
          destinationCidrBlock: 10.0.0.0/8
          sourceCidrBlock: 10.0.0.0/8
          ruleNumber: 1
          ruleAction: accept
          trafficDirection: egress
      rulein:
        type: aws:ec2:TrafficMirrorFilterRule
        properties:
          description: test rule
          trafficMirrorFilterId: ${filter.id}
          destinationCidrBlock: 10.0.0.0/8
          sourceCidrBlock: 10.0.0.0/8
          ruleNumber: 1
          ruleAction: accept
          trafficDirection: ingress
          protocol: 6
          destinationPortRange:
            fromPort: 22
            toPort: 53
          sourcePortRange:
            fromPort: 0
            toPort: 10
    

    Create TrafficMirrorFilterRule Resource

    new TrafficMirrorFilterRule(name: string, args: TrafficMirrorFilterRuleArgs, opts?: CustomResourceOptions);
    @overload
    def TrafficMirrorFilterRule(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                description: Optional[str] = None,
                                destination_cidr_block: Optional[str] = None,
                                destination_port_range: Optional[TrafficMirrorFilterRuleDestinationPortRangeArgs] = None,
                                protocol: Optional[int] = None,
                                rule_action: Optional[str] = None,
                                rule_number: Optional[int] = None,
                                source_cidr_block: Optional[str] = None,
                                source_port_range: Optional[TrafficMirrorFilterRuleSourcePortRangeArgs] = None,
                                traffic_direction: Optional[str] = None,
                                traffic_mirror_filter_id: Optional[str] = None)
    @overload
    def TrafficMirrorFilterRule(resource_name: str,
                                args: TrafficMirrorFilterRuleArgs,
                                opts: Optional[ResourceOptions] = None)
    func NewTrafficMirrorFilterRule(ctx *Context, name string, args TrafficMirrorFilterRuleArgs, opts ...ResourceOption) (*TrafficMirrorFilterRule, error)
    public TrafficMirrorFilterRule(string name, TrafficMirrorFilterRuleArgs args, CustomResourceOptions? opts = null)
    public TrafficMirrorFilterRule(String name, TrafficMirrorFilterRuleArgs args)
    public TrafficMirrorFilterRule(String name, TrafficMirrorFilterRuleArgs args, CustomResourceOptions options)
    
    type: aws:ec2:TrafficMirrorFilterRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args TrafficMirrorFilterRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args TrafficMirrorFilterRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args TrafficMirrorFilterRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args TrafficMirrorFilterRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args TrafficMirrorFilterRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    TrafficMirrorFilterRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The TrafficMirrorFilterRule resource accepts the following input properties:

    DestinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    RuleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    RuleNumber int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    SourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    TrafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    TrafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    Description string
    Description of the traffic mirror filter rule.
    DestinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    Protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    SourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    DestinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    RuleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    RuleNumber int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    SourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    TrafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    TrafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    Description string
    Description of the traffic mirror filter rule.
    DestinationPortRange TrafficMirrorFilterRuleDestinationPortRangeArgs
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    Protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    SourcePortRange TrafficMirrorFilterRuleSourcePortRangeArgs
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    destinationCidrBlock String
    Destination CIDR block to assign to the Traffic Mirror rule.
    ruleAction String
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber Integer
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock String
    Source CIDR block to assign to the Traffic Mirror rule.
    trafficDirection String

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId String
    ID of the traffic mirror filter to which this rule should be added
    description String
    Description of the traffic mirror filter rule.
    destinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol Integer
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    sourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    destinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    ruleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber number
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    trafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    description string
    Description of the traffic mirror filter rule.
    destinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol number
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    sourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    destination_cidr_block str
    Destination CIDR block to assign to the Traffic Mirror rule.
    rule_action str
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    rule_number int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    source_cidr_block str
    Source CIDR block to assign to the Traffic Mirror rule.
    traffic_direction str

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    traffic_mirror_filter_id str
    ID of the traffic mirror filter to which this rule should be added
    description str
    Description of the traffic mirror filter rule.
    destination_port_range TrafficMirrorFilterRuleDestinationPortRangeArgs
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    source_port_range TrafficMirrorFilterRuleSourcePortRangeArgs
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    destinationCidrBlock String
    Destination CIDR block to assign to the Traffic Mirror rule.
    ruleAction String
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber Number
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock String
    Source CIDR block to assign to the Traffic Mirror rule.
    trafficDirection String

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId String
    ID of the traffic mirror filter to which this rule should be added
    description String
    Description of the traffic mirror filter rule.
    destinationPortRange Property Map
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol Number
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    sourcePortRange Property Map
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below

    Outputs

    All input properties are implicitly available as output properties. Additionally, the TrafficMirrorFilterRule resource produces the following output properties:

    Arn string
    ARN of the traffic mirror filter rule.
    Id string
    The provider-assigned unique ID for this managed resource.
    Arn string
    ARN of the traffic mirror filter rule.
    Id string
    The provider-assigned unique ID for this managed resource.
    arn String
    ARN of the traffic mirror filter rule.
    id String
    The provider-assigned unique ID for this managed resource.
    arn string
    ARN of the traffic mirror filter rule.
    id string
    The provider-assigned unique ID for this managed resource.
    arn str
    ARN of the traffic mirror filter rule.
    id str
    The provider-assigned unique ID for this managed resource.
    arn String
    ARN of the traffic mirror filter rule.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing TrafficMirrorFilterRule Resource

    Get an existing TrafficMirrorFilterRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: TrafficMirrorFilterRuleState, opts?: CustomResourceOptions): TrafficMirrorFilterRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            description: Optional[str] = None,
            destination_cidr_block: Optional[str] = None,
            destination_port_range: Optional[TrafficMirrorFilterRuleDestinationPortRangeArgs] = None,
            protocol: Optional[int] = None,
            rule_action: Optional[str] = None,
            rule_number: Optional[int] = None,
            source_cidr_block: Optional[str] = None,
            source_port_range: Optional[TrafficMirrorFilterRuleSourcePortRangeArgs] = None,
            traffic_direction: Optional[str] = None,
            traffic_mirror_filter_id: Optional[str] = None) -> TrafficMirrorFilterRule
    func GetTrafficMirrorFilterRule(ctx *Context, name string, id IDInput, state *TrafficMirrorFilterRuleState, opts ...ResourceOption) (*TrafficMirrorFilterRule, error)
    public static TrafficMirrorFilterRule Get(string name, Input<string> id, TrafficMirrorFilterRuleState? state, CustomResourceOptions? opts = null)
    public static TrafficMirrorFilterRule get(String name, Output<String> id, TrafficMirrorFilterRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    ARN of the traffic mirror filter rule.
    Description string
    Description of the traffic mirror filter rule.
    DestinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    DestinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    Protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    RuleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    RuleNumber int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    SourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    SourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    TrafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    TrafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    Arn string
    ARN of the traffic mirror filter rule.
    Description string
    Description of the traffic mirror filter rule.
    DestinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    DestinationPortRange TrafficMirrorFilterRuleDestinationPortRangeArgs
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    Protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    RuleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    RuleNumber int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    SourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    SourcePortRange TrafficMirrorFilterRuleSourcePortRangeArgs
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    TrafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    TrafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    arn String
    ARN of the traffic mirror filter rule.
    description String
    Description of the traffic mirror filter rule.
    destinationCidrBlock String
    Destination CIDR block to assign to the Traffic Mirror rule.
    destinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol Integer
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    ruleAction String
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber Integer
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock String
    Source CIDR block to assign to the Traffic Mirror rule.
    sourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    trafficDirection String

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId String
    ID of the traffic mirror filter to which this rule should be added
    arn string
    ARN of the traffic mirror filter rule.
    description string
    Description of the traffic mirror filter rule.
    destinationCidrBlock string
    Destination CIDR block to assign to the Traffic Mirror rule.
    destinationPortRange TrafficMirrorFilterRuleDestinationPortRange
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol number
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    ruleAction string
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber number
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock string
    Source CIDR block to assign to the Traffic Mirror rule.
    sourcePortRange TrafficMirrorFilterRuleSourcePortRange
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    trafficDirection string

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId string
    ID of the traffic mirror filter to which this rule should be added
    arn str
    ARN of the traffic mirror filter rule.
    description str
    Description of the traffic mirror filter rule.
    destination_cidr_block str
    Destination CIDR block to assign to the Traffic Mirror rule.
    destination_port_range TrafficMirrorFilterRuleDestinationPortRangeArgs
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol int
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    rule_action str
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    rule_number int
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    source_cidr_block str
    Source CIDR block to assign to the Traffic Mirror rule.
    source_port_range TrafficMirrorFilterRuleSourcePortRangeArgs
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    traffic_direction str

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    traffic_mirror_filter_id str
    ID of the traffic mirror filter to which this rule should be added
    arn String
    ARN of the traffic mirror filter rule.
    description String
    Description of the traffic mirror filter rule.
    destinationCidrBlock String
    Destination CIDR block to assign to the Traffic Mirror rule.
    destinationPortRange Property Map
    Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    protocol Number
    Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
    ruleAction String
    Action to take (accept | reject) on the filtered traffic. Valid values are accept and reject
    ruleNumber Number
    Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
    sourceCidrBlock String
    Source CIDR block to assign to the Traffic Mirror rule.
    sourcePortRange Property Map
    Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
    trafficDirection String

    Direction of traffic to be captured. Valid values are ingress and egress

    Traffic mirror port range support following attributes:

    trafficMirrorFilterId String
    ID of the traffic mirror filter to which this rule should be added

    Supporting Types

    TrafficMirrorFilterRuleDestinationPortRange, TrafficMirrorFilterRuleDestinationPortRangeArgs

    FromPort int
    Starting port of the range
    ToPort int
    Ending port of the range
    FromPort int
    Starting port of the range
    ToPort int
    Ending port of the range
    fromPort Integer
    Starting port of the range
    toPort Integer
    Ending port of the range
    fromPort number
    Starting port of the range
    toPort number
    Ending port of the range
    from_port int
    Starting port of the range
    to_port int
    Ending port of the range
    fromPort Number
    Starting port of the range
    toPort Number
    Ending port of the range

    TrafficMirrorFilterRuleSourcePortRange, TrafficMirrorFilterRuleSourcePortRangeArgs

    FromPort int
    Starting port of the range
    ToPort int
    Ending port of the range
    FromPort int
    Starting port of the range
    ToPort int
    Ending port of the range
    fromPort Integer
    Starting port of the range
    toPort Integer
    Ending port of the range
    fromPort number
    Starting port of the range
    toPort number
    Ending port of the range
    from_port int
    Starting port of the range
    to_port int
    Ending port of the range
    fromPort Number
    Starting port of the range
    toPort Number
    Ending port of the range

    Import

    Using pulumi import, import traffic mirror rules using the traffic_mirror_filter_id and id separated by :. For example:

    $ pulumi import aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule rule tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi