traffic_mirror_filter_rules
Creates, updates, deletes or gets a traffic_mirror_filter_rule resource or lists traffic_mirror_filter_rules in a region
Overview
| Name | traffic_mirror_filter_rules |
| Type | Resource |
| Description | Resource Type definition for for AWS::EC2::TrafficMirrorFilterRule |
| Id | awscc.ec2.traffic_mirror_filter_rules |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
destination_port_range | object | The destination port range. |
description | string | The description of the Traffic Mirror Filter rule. |
rule_action | string | The action to take on the filtered traffic (accept/reject). |
source_cidr_block | string | The source CIDR block to assign to the Traffic Mirror Filter rule. |
rule_number | integer | The number of the Traffic Mirror rule. |
destination_cidr_block | string | The destination CIDR block to assign to the Traffic Mirror rule. |
traffic_mirror_filter_rule_id | string | The ID of the Traffic Mirror Filter rule. |
traffic_mirror_filter_id | string | The ID of the filter that this rule is associated with. |
traffic_direction | string | The direction of traffic (ingress/egress). |
protocol | integer | The number of protocol, for example 17 (UDP), to assign to the Traffic Mirror rule. |
tags | array | Any tags assigned to the Traffic Mirror Filter rule. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
traffic_mirror_filter_rule_id | string | The ID of the Traffic Mirror Filter rule. |
region | string | AWS region. |
For more information, see AWS::EC2::TrafficMirrorFilterRule.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | traffic_mirror_filter_rules | INSERT | RuleAction, SourceCidrBlock, RuleNumber, DestinationCidrBlock, TrafficMirrorFilterId, TrafficDirection, region |
delete_resource | traffic_mirror_filter_rules | DELETE | Identifier, region |
update_resource | traffic_mirror_filter_rules | UPDATE | Identifier, PatchDocument, region |
list_resources | traffic_mirror_filter_rules_list_only | SELECT | region |
get_resource | traffic_mirror_filter_rules | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual traffic_mirror_filter_rule.
SELECT
region,
destination_port_range,
description,
source_port_range,
rule_action,
source_cidr_block,
rule_number,
destination_cidr_block,
traffic_mirror_filter_rule_id,
traffic_mirror_filter_id,
traffic_direction,
protocol,
tags
FROM awscc.ec2.traffic_mirror_filter_rules
WHERE
region = 'us-east-1' AND
Identifier = '{{ traffic_mirror_filter_rule_id }}';
Lists all traffic_mirror_filter_rules in a region.
SELECT
region,
traffic_mirror_filter_rule_id
FROM awscc.ec2.traffic_mirror_filter_rules_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new traffic_mirror_filter_rule resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.ec2.traffic_mirror_filter_rules (
RuleAction,
SourceCidrBlock,
RuleNumber,
DestinationCidrBlock,
TrafficMirrorFilterId,
TrafficDirection,
region
)
SELECT
'{{ rule_action }}',
'{{ source_cidr_block }}',
'{{ rule_number }}',
'{{ destination_cidr_block }}',
'{{ traffic_mirror_filter_id }}',
'{{ traffic_direction }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.ec2.traffic_mirror_filter_rules (
DestinationPortRange,
Description,
SourcePortRange,
RuleAction,
SourceCidrBlock,
RuleNumber,
DestinationCidrBlock,
TrafficMirrorFilterId,
TrafficDirection,
Protocol,
Tags,
region
)
SELECT
'{{ destination_port_range }}',
'{{ description }}',
'{{ source_port_range }}',
'{{ rule_action }}',
'{{ source_cidr_block }}',
'{{ rule_number }}',
'{{ destination_cidr_block }}',
'{{ traffic_mirror_filter_id }}',
'{{ traffic_direction }}',
'{{ protocol }}',
'{{ tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: traffic_mirror_filter_rule
props:
- name: destination_port_range
value:
from_port: '{{ from_port }}'
to_port: '{{ to_port }}'
- name: description
value: '{{ description }}'
- name: source_port_range
value: null
- name: rule_action
value: '{{ rule_action }}'
- name: source_cidr_block
value: '{{ source_cidr_block }}'
- name: rule_number
value: '{{ rule_number }}'
- name: destination_cidr_block
value: '{{ destination_cidr_block }}'
- name: traffic_mirror_filter_id
value: '{{ traffic_mirror_filter_id }}'
- name: traffic_direction
value: '{{ traffic_direction }}'
- name: protocol
value: '{{ protocol }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
UPDATE example
Use the following StackQL query and manifest file to update a traffic_mirror_filter_rule resource, using stack-deploy.
/*+ update */
UPDATE awscc.ec2.traffic_mirror_filter_rules
SET PatchDocument = string('{{ {
"DestinationPortRange": destination_port_range,
"Description": description,
"SourcePortRange": source_port_range,
"RuleAction": rule_action,
"SourceCidrBlock": source_cidr_block,
"RuleNumber": rule_number,
"DestinationCidrBlock": destination_cidr_block,
"TrafficDirection": traffic_direction,
"Protocol": protocol,
"Tags": tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ traffic_mirror_filter_rule_id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.ec2.traffic_mirror_filter_rules
WHERE
Identifier = '{{ traffic_mirror_filter_rule_id }}' AND
region = 'us-east-1';
Permissions
To operate on the traffic_mirror_filter_rules resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
ec2:CreateTrafficMirrorFilterRule,
ec2:CreateTags,
ec2:DescribeTrafficMirrorFilterRules
ec2:DescribeTrafficMirrorFilterRules
ec2:ModifyTrafficMirrorFilterRule,
ec2:CreateTags,
ec2:DeleteTags
ec2:DeleteTrafficMirrorFilterRule
ec2:DescribeTrafficMirrorFilterRules