Docs
PackagesTry AWS Native preview for resources not in the classic version.
aws.ec2.TrafficMirrorFilterRule
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Provides an Traffic mirror filter rule.
Read limits and considerations for traffic mirroring
Example Usage
To create a basic traffic mirror session
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var filter = new Aws.Ec2.TrafficMirrorFilter("filter", new()
{
Description = "traffic mirror filter - example",
NetworkServices = new[]
{
"amazon-dns",
},
});
var ruleout = new Aws.Ec2.TrafficMirrorFilterRule("ruleout", new()
{
Description = "test rule",
TrafficMirrorFilterId = filter.Id,
DestinationCidrBlock = "10.0.0.0/8",
SourceCidrBlock = "10.0.0.0/8",
RuleNumber = 1,
RuleAction = "accept",
TrafficDirection = "egress",
});
var rulein = new Aws.Ec2.TrafficMirrorFilterRule("rulein", new()
{
Description = "test rule",
TrafficMirrorFilterId = filter.Id,
DestinationCidrBlock = "10.0.0.0/8",
SourceCidrBlock = "10.0.0.0/8",
RuleNumber = 1,
RuleAction = "accept",
TrafficDirection = "ingress",
Protocol = 6,
DestinationPortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs
{
FromPort = 22,
ToPort = 53,
},
SourcePortRange = new Aws.Ec2.Inputs.TrafficMirrorFilterRuleSourcePortRangeArgs
{
FromPort = 0,
ToPort = 10,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
filter, err := ec2.NewTrafficMirrorFilter(ctx, "filter", &ec2.TrafficMirrorFilterArgs{
Description: pulumi.String("traffic mirror filter - example"),
NetworkServices: pulumi.StringArray{
pulumi.String("amazon-dns"),
},
})
if err != nil {
return err
}
_, err = ec2.NewTrafficMirrorFilterRule(ctx, "ruleout", &ec2.TrafficMirrorFilterRuleArgs{
Description: pulumi.String("test rule"),
TrafficMirrorFilterId: filter.ID(),
DestinationCidrBlock: pulumi.String("10.0.0.0/8"),
SourceCidrBlock: pulumi.String("10.0.0.0/8"),
RuleNumber: pulumi.Int(1),
RuleAction: pulumi.String("accept"),
TrafficDirection: pulumi.String("egress"),
})
if err != nil {
return err
}
_, err = ec2.NewTrafficMirrorFilterRule(ctx, "rulein", &ec2.TrafficMirrorFilterRuleArgs{
Description: pulumi.String("test rule"),
TrafficMirrorFilterId: filter.ID(),
DestinationCidrBlock: pulumi.String("10.0.0.0/8"),
SourceCidrBlock: pulumi.String("10.0.0.0/8"),
RuleNumber: pulumi.Int(1),
RuleAction: pulumi.String("accept"),
TrafficDirection: pulumi.String("ingress"),
Protocol: pulumi.Int(6),
DestinationPortRange: &ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs{
FromPort: pulumi.Int(22),
ToPort: pulumi.Int(53),
},
SourcePortRange: &ec2.TrafficMirrorFilterRuleSourcePortRangeArgs{
FromPort: pulumi.Int(0),
ToPort: pulumi.Int(10),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.TrafficMirrorFilter;
import com.pulumi.aws.ec2.TrafficMirrorFilterArgs;
import com.pulumi.aws.ec2.TrafficMirrorFilterRule;
import com.pulumi.aws.ec2.TrafficMirrorFilterRuleArgs;
import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleDestinationPortRangeArgs;
import com.pulumi.aws.ec2.inputs.TrafficMirrorFilterRuleSourcePortRangeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var filter = new TrafficMirrorFilter("filter", TrafficMirrorFilterArgs.builder()
.description("traffic mirror filter - example")
.networkServices("amazon-dns")
.build());
var ruleout = new TrafficMirrorFilterRule("ruleout", TrafficMirrorFilterRuleArgs.builder()
.description("test rule")
.trafficMirrorFilterId(filter.id())
.destinationCidrBlock("10.0.0.0/8")
.sourceCidrBlock("10.0.0.0/8")
.ruleNumber(1)
.ruleAction("accept")
.trafficDirection("egress")
.build());
var rulein = new TrafficMirrorFilterRule("rulein", TrafficMirrorFilterRuleArgs.builder()
.description("test rule")
.trafficMirrorFilterId(filter.id())
.destinationCidrBlock("10.0.0.0/8")
.sourceCidrBlock("10.0.0.0/8")
.ruleNumber(1)
.ruleAction("accept")
.trafficDirection("ingress")
.protocol(6)
.destinationPortRange(TrafficMirrorFilterRuleDestinationPortRangeArgs.builder()
.fromPort(22)
.toPort(53)
.build())
.sourcePortRange(TrafficMirrorFilterRuleSourcePortRangeArgs.builder()
.fromPort(0)
.toPort(10)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
filter = aws.ec2.TrafficMirrorFilter("filter",
description="traffic mirror filter - example",
network_services=["amazon-dns"])
ruleout = aws.ec2.TrafficMirrorFilterRule("ruleout",
description="test rule",
traffic_mirror_filter_id=filter.id,
destination_cidr_block="10.0.0.0/8",
source_cidr_block="10.0.0.0/8",
rule_number=1,
rule_action="accept",
traffic_direction="egress")
rulein = aws.ec2.TrafficMirrorFilterRule("rulein",
description="test rule",
traffic_mirror_filter_id=filter.id,
destination_cidr_block="10.0.0.0/8",
source_cidr_block="10.0.0.0/8",
rule_number=1,
rule_action="accept",
traffic_direction="ingress",
protocol=6,
destination_port_range=aws.ec2.TrafficMirrorFilterRuleDestinationPortRangeArgs(
from_port=22,
to_port=53,
),
source_port_range=aws.ec2.TrafficMirrorFilterRuleSourcePortRangeArgs(
from_port=0,
to_port=10,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const filter = new aws.ec2.TrafficMirrorFilter("filter", {
description: "traffic mirror filter - example",
networkServices: ["amazon-dns"],
});
const ruleout = new aws.ec2.TrafficMirrorFilterRule("ruleout", {
description: "test rule",
trafficMirrorFilterId: filter.id,
destinationCidrBlock: "10.0.0.0/8",
sourceCidrBlock: "10.0.0.0/8",
ruleNumber: 1,
ruleAction: "accept",
trafficDirection: "egress",
});
const rulein = new aws.ec2.TrafficMirrorFilterRule("rulein", {
description: "test rule",
trafficMirrorFilterId: filter.id,
destinationCidrBlock: "10.0.0.0/8",
sourceCidrBlock: "10.0.0.0/8",
ruleNumber: 1,
ruleAction: "accept",
trafficDirection: "ingress",
protocol: 6,
destinationPortRange: {
fromPort: 22,
toPort: 53,
},
sourcePortRange: {
fromPort: 0,
toPort: 10,
},
});
resources:
filter:
type: aws:ec2:TrafficMirrorFilter
properties:
description: traffic mirror filter - example
networkServices:
- amazon-dns
ruleout:
type: aws:ec2:TrafficMirrorFilterRule
properties:
description: test rule
trafficMirrorFilterId: ${filter.id}
destinationCidrBlock: 10.0.0.0/8
sourceCidrBlock: 10.0.0.0/8
ruleNumber: 1
ruleAction: accept
trafficDirection: egress
rulein:
type: aws:ec2:TrafficMirrorFilterRule
properties:
description: test rule
trafficMirrorFilterId: ${filter.id}
destinationCidrBlock: 10.0.0.0/8
sourceCidrBlock: 10.0.0.0/8
ruleNumber: 1
ruleAction: accept
trafficDirection: ingress
protocol: 6
destinationPortRange:
fromPort: 22
toPort: 53
sourcePortRange:
fromPort: 0
toPort: 10
Create TrafficMirrorFilterRule Resource
new TrafficMirrorFilterRule(name: string, args: TrafficMirrorFilterRuleArgs, opts?: CustomResourceOptions);@overload
def TrafficMirrorFilterRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
destination_cidr_block: Optional[str] = None,
destination_port_range: Optional[TrafficMirrorFilterRuleDestinationPortRangeArgs] = None,
protocol: Optional[int] = None,
rule_action: Optional[str] = None,
rule_number: Optional[int] = None,
source_cidr_block: Optional[str] = None,
source_port_range: Optional[TrafficMirrorFilterRuleSourcePortRangeArgs] = None,
traffic_direction: Optional[str] = None,
traffic_mirror_filter_id: Optional[str] = None)
@overload
def TrafficMirrorFilterRule(resource_name: str,
args: TrafficMirrorFilterRuleArgs,
opts: Optional[ResourceOptions] = None)func NewTrafficMirrorFilterRule(ctx *Context, name string, args TrafficMirrorFilterRuleArgs, opts ...ResourceOption) (*TrafficMirrorFilterRule, error)public TrafficMirrorFilterRule(string name, TrafficMirrorFilterRuleArgs args, CustomResourceOptions? opts = null)
public TrafficMirrorFilterRule(String name, TrafficMirrorFilterRuleArgs args)
public TrafficMirrorFilterRule(String name, TrafficMirrorFilterRuleArgs args, CustomResourceOptions options)
type: aws:ec2:TrafficMirrorFilterRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TrafficMirrorFilterRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TrafficMirrorFilterRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TrafficMirrorFilterRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TrafficMirrorFilterRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TrafficMirrorFilterRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
TrafficMirrorFilterRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The TrafficMirrorFilterRule resource accepts the following input properties:
- Destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- Rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- Rule
Number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- Source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- Traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- Traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- Description string
Description of the traffic mirror filter rule.
- Destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- Source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- Rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- Rule
Number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- Source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- Traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- Traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- Description string
Description of the traffic mirror filter rule.
- Destination
Port TrafficRange Mirror Filter Rule Destination Port Range Args Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- Source
Port TrafficRange Mirror Filter Rule Source Port Range Args Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- destination
Cidr StringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- rule
Action String Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number Integer Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr StringBlock Source CIDR block to assign to the Traffic Mirror rule.
- traffic
Direction String Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror StringFilter Id ID of the traffic mirror filter to which this rule should be added
- description String
Description of the traffic mirror filter rule.
- destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol Integer
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number number Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- description string
Description of the traffic mirror filter rule.
- destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol number
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- destination_
cidr_ strblock Destination CIDR block to assign to the Traffic Mirror rule.
- rule_
action str Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule_
number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source_
cidr_ strblock Source CIDR block to assign to the Traffic Mirror rule.
- traffic_
direction str Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic_
mirror_ strfilter_ id ID of the traffic mirror filter to which this rule should be added
- description str
Description of the traffic mirror filter rule.
- destination_
port_ Trafficrange Mirror Filter Rule Destination Port Range Args Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- source_
port_ Trafficrange Mirror Filter Rule Source Port Range Args Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- destination
Cidr StringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- rule
Action String Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number Number Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr StringBlock Source CIDR block to assign to the Traffic Mirror rule.
- traffic
Direction String Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror StringFilter Id ID of the traffic mirror filter to which this rule should be added
- description String
Description of the traffic mirror filter rule.
- destination
Port Property MapRange Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol Number
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- source
Port Property MapRange Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
Outputs
All input properties are implicitly available as output properties. Additionally, the TrafficMirrorFilterRule resource produces the following output properties:
Look up Existing TrafficMirrorFilterRule Resource
Get an existing TrafficMirrorFilterRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TrafficMirrorFilterRuleState, opts?: CustomResourceOptions): TrafficMirrorFilterRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
description: Optional[str] = None,
destination_cidr_block: Optional[str] = None,
destination_port_range: Optional[TrafficMirrorFilterRuleDestinationPortRangeArgs] = None,
protocol: Optional[int] = None,
rule_action: Optional[str] = None,
rule_number: Optional[int] = None,
source_cidr_block: Optional[str] = None,
source_port_range: Optional[TrafficMirrorFilterRuleSourcePortRangeArgs] = None,
traffic_direction: Optional[str] = None,
traffic_mirror_filter_id: Optional[str] = None) -> TrafficMirrorFilterRulefunc GetTrafficMirrorFilterRule(ctx *Context, name string, id IDInput, state *TrafficMirrorFilterRuleState, opts ...ResourceOption) (*TrafficMirrorFilterRule, error)public static TrafficMirrorFilterRule Get(string name, Input<string> id, TrafficMirrorFilterRuleState? state, CustomResourceOptions? opts = null)public static TrafficMirrorFilterRule get(String name, Output<String> id, TrafficMirrorFilterRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
ARN of the traffic mirror filter rule.
- Description string
Description of the traffic mirror filter rule.
- Destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- Destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- Rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- Rule
Number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- Source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- Source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- Traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- Arn string
ARN of the traffic mirror filter rule.
- Description string
Description of the traffic mirror filter rule.
- Destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- Destination
Port TrafficRange Mirror Filter Rule Destination Port Range Args Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- Rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- Rule
Number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- Source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- Source
Port TrafficRange Mirror Filter Rule Source Port Range Args Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- Traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- Traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- arn String
ARN of the traffic mirror filter rule.
- description String
Description of the traffic mirror filter rule.
- destination
Cidr StringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol Integer
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- rule
Action String Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number Integer Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr StringBlock Source CIDR block to assign to the Traffic Mirror rule.
- source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- traffic
Direction String Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror StringFilter Id ID of the traffic mirror filter to which this rule should be added
- arn string
ARN of the traffic mirror filter rule.
- description string
Description of the traffic mirror filter rule.
- destination
Cidr stringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- destination
Port TrafficRange Mirror Filter Rule Destination Port Range Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol number
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- rule
Action string Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number number Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr stringBlock Source CIDR block to assign to the Traffic Mirror rule.
- source
Port TrafficRange Mirror Filter Rule Source Port Range Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- traffic
Direction string Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror stringFilter Id ID of the traffic mirror filter to which this rule should be added
- arn str
ARN of the traffic mirror filter rule.
- description str
Description of the traffic mirror filter rule.
- destination_
cidr_ strblock Destination CIDR block to assign to the Traffic Mirror rule.
- destination_
port_ Trafficrange Mirror Filter Rule Destination Port Range Args Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol int
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- rule_
action str Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule_
number int Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source_
cidr_ strblock Source CIDR block to assign to the Traffic Mirror rule.
- source_
port_ Trafficrange Mirror Filter Rule Source Port Range Args Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- traffic_
direction str Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic_
mirror_ strfilter_ id ID of the traffic mirror filter to which this rule should be added
- arn String
ARN of the traffic mirror filter rule.
- description String
Description of the traffic mirror filter rule.
- destination
Cidr StringBlock Destination CIDR block to assign to the Traffic Mirror rule.
- destination
Port Property MapRange Destination port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- protocol Number
Protocol number, for example 17 (UDP), to assign to the Traffic Mirror rule. For information about the protocol value, see Protocol Numbers on the Internet Assigned Numbers Authority (IANA) website.
- rule
Action String Action to take (accept | reject) on the filtered traffic. Valid values are
acceptandreject- rule
Number Number Number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
- source
Cidr StringBlock Source CIDR block to assign to the Traffic Mirror rule.
- source
Port Property MapRange Source port range. Supported only when the protocol is set to TCP(6) or UDP(17). See Traffic mirror port range documented below
- traffic
Direction String Direction of traffic to be captured. Valid values are
ingressandegressTraffic mirror port range support following attributes:
- traffic
Mirror StringFilter Id ID of the traffic mirror filter to which this rule should be added
Supporting Types
TrafficMirrorFilterRuleDestinationPortRange, TrafficMirrorFilterRuleDestinationPortRangeArgs
TrafficMirrorFilterRuleSourcePortRange, TrafficMirrorFilterRuleSourcePortRangeArgs
Import
Using pulumi import, import traffic mirror rules using the traffic_mirror_filter_id and id separated by :. For example:
$ pulumi import aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule rule tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.