VM::EC2::SecurityGroup::IpPermission(3)  User Contributed Perl Documentation  VM::EC2::SecurityGroup::IpPermission(3)

VM::EC2::SecurityGroup::IpPermission - Object describing a firewall
rule in an EC2 security group.

    use VM::EC2;

    my $ec2 = VM::EC2->new(...);
    my $sg  = $ec2->describe_security_groups(-name=>'My Group');

    my @rules = $sg->ipPermissions;
    for my $rule (@rules) {  # each rule is a VM::EC2::SecurityGroup::IpPermission
        my $protocol = $rule->ipProtocol;   # "tcp", "udp" or "icmp"
        my $fromPort = $rule->fromPort;     # start of port range, or -1
        my $toPort   = $rule->toPort;       # end of port range, or -1
        my @ranges   = $rule->ipRanges;     # CIDR addresses, if IP-based
        my @groups   = $rule->groups;       # GroupPermission objects, if group-based
    }

This object is used to describe the firewall rules defined within an
Amazon EC2 security group. It is returned by the VM::EC2::SecurityGroup
object's ipPermissions() and ipPermissionsEgress() methods (these are
also known as inbound_permissions() and outbound_permissions()).

$protocol = $rule->ipProtocol
    Return the IP protocol for this rule: one of "tcp", "udp" or "icmp".

$port = $rule->fromPort
    Start of the port range defined by this rule, or the ICMP type code.
    This will be a numeric value, like 80, or -1 to indicate all
    ports/codes.

$port = $rule->toPort
    End of the port range defined by this rule, or the ICMP type code. This
    will be a numeric value, like 80, or -1 to indicate all ports/codes.

@ips = $rule->ipRanges
    This method will return a list of the IP addresses that are allowed to
    originate or receive traffic, provided that the rule defines IP-based
    firewall filtering.

    Each address is a CIDR (Classless Inter-Domain Routing) address in
    the form a.b.c.d/n, such as 10.23.91.0/24
    (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). The
    "any" address is in the form 0.0.0.0/0.

@groups = $rule->groups
    This method will return a list of the security groups that are allowed
    to originate or receive traffic from instances assigned to this
    security group, provided that the rule defines group-based traffic
    filtering.

    Each returned object is a VM::EC2::SecurityGroup::GroupPermission, not
    a VM::EC2::SecurityGroup. The reason for this is that these traffic
    filtering groups can include security groups owned by other accounts.

    The GroupPermission objects define the methods userId(), groupId() and
    groupName().
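
An added example, not part of the VM::EC2 distribution: an audit that walks rule objects through the accessors documented above and reports every rule that admits the "any" address 0.0.0.0/0, treating -1 as the full port range. StubRule, audit_rules() and the %sensitive port labels are hypothetical names and constructed data so the script runs offline.

```perl
use strict;
use warnings;

# Constructed stand-in with the accessors documented above, so the audit runs
# offline. With a live account, pass $sg->ipPermissions to audit_rules().
package StubRule {
    sub new        { my ($class, %arg) = @_; return bless {%arg}, $class }
    sub ipProtocol { $_[0]{proto} }
    sub fromPort   { $_[0]{from} }
    sub toPort     { $_[0]{to} }
    sub ipRanges   { @{ $_[0]{ranges} } }
}

package main;

# Return one finding per rule that admits the "any" address 0.0.0.0/0.
# $sensitive maps ports that should not be world-reachable to a label.
sub audit_rules {
    my ($sensitive, @rules) = @_;
    my @findings;
    for my $rule (@rules) {
        next unless grep { $_ eq '0.0.0.0/0' } $rule->ipRanges;
        my $proto = $rule->ipProtocol;
        my ($from, $to) = ($rule->fromPort, $rule->toPort);
        if ($proto eq 'icmp') {    # fromPort/toPort are not port numbers here
            push @findings, "icmp open to any host";
            next;
        }
        # -1 means all ports, so widen to the full range before matching
        ($from, $to) = (0, 65535) if $from == -1 || $to == -1;
        my @hit = grep { $_ >= $from && $_ <= $to }
                  sort { $a <=> $b } keys %$sensitive;
        my $what = @hit ? join(',', map { "$_/$sensitive->{$_}" } @hit)
                        : 'no listed port';
        push @findings, "$proto($from..$to) open to any host: $what";
    }
    return @findings;
}

# Constructed sample rules; the port labels are an assumed local policy.
my %sensitive = (22 => 'ssh', 3306 => 'mysql', 3389 => 'rdp');
my @rules = (
    StubRule->new(proto => 'tcp', from => 22, to => 22, ranges => ['0.0.0.0/0']),
    StubRule->new(proto => 'tcp', from => 23, to => 29,
                  ranges => ['192.168.0.0/24', '192.168.1.0/24']),
    StubRule->new(proto => 'tcp', from => -1, to => -1, ranges => ['0.0.0.0/0']),
    StubRule->new(proto => 'udp', from => 80, to => 80, ranges => []),
);
print "$_\n" for audit_rules(\%sensitive, @rules);
```

Rules restricted to specific CIDR blocks or to security groups produce no finding; only the two rules open to 0.0.0.0/0 are reported.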

When used in a string context, this object will interpolate the rule
using the following templates:

TCP port 22 open to any host:

    "tcp(22..22) FROM CIDR 0.0.0.0/0"

TCP ports 23 through 39 open to the two class C networks 192.168.0.*
and 192.168.1.*:

    "tcp(23..29) FROM CIDR 192.168.0.0/24,192.168.1.0/24"

UDP port 80 from security group "default" owned by you and the group
named "farmville" owned by user 9999999:

    "udp(80..80) GRPNAME default,9999999/farmville"

VM::EC2 VM::EC2::Generic VM::EC2::Instance VM::EC2::SecurityGroup
VM::EC2::SecurityGroup::IpPermission
VM::EC2::SecurityGroup::GroupPermission

Lincoln Stein <lincoln.stein@gmail.com>.

Copyright (c) 2011 Ontario Institute for Cancer Research

This package and its accompanying libraries is free software; you can
redistribute it and/or modify it under the terms of the GPL (either
version 1, or at your option, any later version) or the Artistic
License 2.0. Refer to LICENSE for the full license text. In addition,
please see DISCLAIMER.txt for disclaimers of warranty.

perl v5.36.0                      2022-07-22      VM::EC2::SecurityGroup::IpPermission(3)