ReplaceNetworkAclEntry
In this article:
ReplaceNetworkAclEntry#
Updates a rule in a network ACL.
Request Parameters#
cidrBlock — The IPv4 address range in CIDR notation.
Type: String
Required: Yes
egress — Indicates whether this is an egress rule.
Type: Boolean
Required: Yes
Icmp — The ICMP type and code.
Type: IcmpTypeCode
Required: Yes
ipv6CidrBlock — The IPv6 address range in CIDR notation.
Type: String
Required: Yes
networkAclId — The ID of the network ACL.
Type: String
Required: Yes
PortRange — The port range the rule applies to. For TCP or UDP only.
Type: PortRange
Required: Yes
Protocol — The protocol. The value
-1oralldenotes all protocols. If you specifyall, `` -1``, or a protocol number (not TCP, UDP, or ICMP), traffic will be allowed on all ports, regardless of any ports or ICMP types or codes you specify.Type: String
Required: Yes
RuleAction — Indicates whether to allow or deny the traffic that matches the rule.
Type: String
Valid values:
allow|denyRequired: Yes
RuleNumber — The rule number of the entry to be replaced.
Type: Integer
Required: Yes
Attention
The rule number must fall within the range of 0 to 32766.
Response Elements#
requestId — The request ID
Type: String
return —
Trueis returned if the request succeeds, and an error otherwiseType: Boolean
Examples#
c2-ec2 ReplaceNetworkAclEntry NetworkAclId <network_acl_id> RuleNumber <rule_number>\
Protocol <protocol> RuleAction <rule_action> Egress <egress>\
CidrBlock "cidr_block"
c2-ec2 ReplaceNetworkAclEntry NetworkAclId <network_acl_id> RuleNumber <rule_number>\
Protocol 6 RuleAction <rule_action> Egress <egress>\
CidrBlock <cidr_block> PortRange.From <port_from> PortRange.To <port_to>
c2-ec2 ReplaceNetworkAclEntry NetworkAclId <network_acl_id> RuleNumber <rule_number>\
Protocol 1 RuleAction <rule_action> Egress <egress>\
CidrBlock <cidr_block> Icmp.Code <icmp_code> Icmp.Type <icmp_type>