Class: Aws::EC2::Types::VpcBlockPublicAccessOptions

Inherits:

Struct

• Object
• Struct
• Aws::EC2::Types::VpcBlockPublicAccessOptions

Includes:

Structure

Defined in:

lib/aws-sdk-ec2/types.rb

Overview

VPC Block Public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see [Block public access to VPCs and subnets] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #aws_account_id ⇒ String

  An Amazon Web Services account ID.

• #aws_region ⇒ String

  An Amazon Web Services Region.

• #exclusions_allowed ⇒ String

  Determines if exclusions are allowed.

• #internet_gateway_block_mode ⇒ String

  The current mode of VPC BPA.

• #last_update_timestamp ⇒ Time

  The last time the VPC BPA mode was updated.

• #managed_by ⇒ String

  The entity that manages the state of VPC BPA.

• #reason ⇒ String

  The reason for the current state.

• #state ⇒ String

  The current state of VPC BPA.

Instance Attribute Details

#aws_account_id ⇒ String

An Amazon Web Services account ID.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#aws_region ⇒ String

An Amazon Web Services Region.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#exclusions_allowed ⇒ String

Determines if exclusions are allowed. If you have [enabled VPC BPA at the Organization level], exclusions may be ‘not-allowed`. Otherwise, they are `allowed`.

[1]: docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html#security-vpc-bpa-exclusions-orgs

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#internet_gateway_block_mode ⇒ String

The current mode of VPC BPA.

• ‘off`: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

• ‘block-bidirectional`: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

• ‘block-ingress`: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#last_update_timestamp ⇒ Time

The last time the VPC BPA mode was updated.

Returns:

• (Time)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#managed_by ⇒ String

The entity that manages the state of VPC BPA. Possible values include:

• ‘account` - The state is managed by the account.

• ‘declarative-policy` - The state is managed by a declarative policy and can’t be modified by the account.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#reason ⇒ String

The reason for the current state.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end

#state ⇒ String

The current state of VPC BPA.

Returns:

• (String)

# File 'lib/aws-sdk-ec2/types.rb', line 72928

class VpcBlockPublicAccessOptions < Struct.new(
  :aws_account_id,
  :aws_region,
  :state,
  :internet_gateway_block_mode,
  :reason,
  :last_update_timestamp,
  :managed_by,
  :exclusions_allowed)
  SENSITIVE = []
  include Aws::Structure
end