1# coding: utf-8 2# Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. 3# This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. 4 5 6from oci.util import formatted_flat_dict, NONE_SENTINEL, value_allowed_none_or_none_sentinel # noqa: F401 7from oci.decorators import init_model_state_from_kwargs 8 9 10@init_model_state_from_kwargs 11class AddSecurityRuleDetails(object): 12 """ 13 A rule for allowing inbound (INGRESS) or outbound (EGRESS) IP packets. 14 """ 15 16 #: A constant which can be used with the destination_type property of a AddSecurityRuleDetails. 17 #: This constant has a value of "CIDR_BLOCK" 18 DESTINATION_TYPE_CIDR_BLOCK = "CIDR_BLOCK" 19 20 #: A constant which can be used with the destination_type property of a AddSecurityRuleDetails. 21 #: This constant has a value of "SERVICE_CIDR_BLOCK" 22 DESTINATION_TYPE_SERVICE_CIDR_BLOCK = "SERVICE_CIDR_BLOCK" 23 24 #: A constant which can be used with the destination_type property of a AddSecurityRuleDetails. 25 #: This constant has a value of "NETWORK_SECURITY_GROUP" 26 DESTINATION_TYPE_NETWORK_SECURITY_GROUP = "NETWORK_SECURITY_GROUP" 27 28 #: A constant which can be used with the direction property of a AddSecurityRuleDetails. 29 #: This constant has a value of "EGRESS" 30 DIRECTION_EGRESS = "EGRESS" 31 32 #: A constant which can be used with the direction property of a AddSecurityRuleDetails. 33 #: This constant has a value of "INGRESS" 34 DIRECTION_INGRESS = "INGRESS" 35 36 #: A constant which can be used with the source_type property of a AddSecurityRuleDetails. 37 #: This constant has a value of "CIDR_BLOCK" 38 SOURCE_TYPE_CIDR_BLOCK = "CIDR_BLOCK" 39 40 #: A constant which can be used with the source_type property of a AddSecurityRuleDetails. 41 #: This constant has a value of "SERVICE_CIDR_BLOCK" 42 SOURCE_TYPE_SERVICE_CIDR_BLOCK = "SERVICE_CIDR_BLOCK" 43 44 #: A constant which can be used with the source_type property of a AddSecurityRuleDetails. 45 #: This constant has a value of "NETWORK_SECURITY_GROUP" 46 SOURCE_TYPE_NETWORK_SECURITY_GROUP = "NETWORK_SECURITY_GROUP" 47 48 def __init__(self, **kwargs): 49 """ 50 Initializes a new AddSecurityRuleDetails object with values from keyword arguments. 51 The following keyword arguments are supported (corresponding to the getters/setters of this class): 52 53 :param description: 54 The value to assign to the description property of this AddSecurityRuleDetails. 55 :type description: str 56 57 :param destination: 58 The value to assign to the destination property of this AddSecurityRuleDetails. 59 :type destination: str 60 61 :param destination_type: 62 The value to assign to the destination_type property of this AddSecurityRuleDetails. 63 Allowed values for this property are: "CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP" 64 :type destination_type: str 65 66 :param direction: 67 The value to assign to the direction property of this AddSecurityRuleDetails. 68 Allowed values for this property are: "EGRESS", "INGRESS" 69 :type direction: str 70 71 :param icmp_options: 72 The value to assign to the icmp_options property of this AddSecurityRuleDetails. 73 :type icmp_options: oci.core.models.IcmpOptions 74 75 :param is_stateless: 76 The value to assign to the is_stateless property of this AddSecurityRuleDetails. 77 :type is_stateless: bool 78 79 :param protocol: 80 The value to assign to the protocol property of this AddSecurityRuleDetails. 81 :type protocol: str 82 83 :param source: 84 The value to assign to the source property of this AddSecurityRuleDetails. 85 :type source: str 86 87 :param source_type: 88 The value to assign to the source_type property of this AddSecurityRuleDetails. 89 Allowed values for this property are: "CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP" 90 :type source_type: str 91 92 :param tcp_options: 93 The value to assign to the tcp_options property of this AddSecurityRuleDetails. 94 :type tcp_options: oci.core.models.TcpOptions 95 96 :param udp_options: 97 The value to assign to the udp_options property of this AddSecurityRuleDetails. 98 :type udp_options: oci.core.models.UdpOptions 99 100 """ 101 self.swagger_types = { 102 'description': 'str', 103 'destination': 'str', 104 'destination_type': 'str', 105 'direction': 'str', 106 'icmp_options': 'IcmpOptions', 107 'is_stateless': 'bool', 108 'protocol': 'str', 109 'source': 'str', 110 'source_type': 'str', 111 'tcp_options': 'TcpOptions', 112 'udp_options': 'UdpOptions' 113 } 114 115 self.attribute_map = { 116 'description': 'description', 117 'destination': 'destination', 118 'destination_type': 'destinationType', 119 'direction': 'direction', 120 'icmp_options': 'icmpOptions', 121 'is_stateless': 'isStateless', 122 'protocol': 'protocol', 123 'source': 'source', 124 'source_type': 'sourceType', 125 'tcp_options': 'tcpOptions', 126 'udp_options': 'udpOptions' 127 } 128 129 self._description = None 130 self._destination = None 131 self._destination_type = None 132 self._direction = None 133 self._icmp_options = None 134 self._is_stateless = None 135 self._protocol = None 136 self._source = None 137 self._source_type = None 138 self._tcp_options = None 139 self._udp_options = None 140 141 @property 142 def description(self): 143 """ 144 Gets the description of this AddSecurityRuleDetails. 145 An optional description of your choice for the rule. Avoid entering confidential information. 146 147 148 :return: The description of this AddSecurityRuleDetails. 149 :rtype: str 150 """ 151 return self._description 152 153 @description.setter 154 def description(self, description): 155 """ 156 Sets the description of this AddSecurityRuleDetails. 157 An optional description of your choice for the rule. Avoid entering confidential information. 158 159 160 :param description: The description of this AddSecurityRuleDetails. 161 :type: str 162 """ 163 self._description = description 164 165 @property 166 def destination(self): 167 """ 168 Gets the destination of this AddSecurityRuleDetails. 169 Conceptually, this is the range of IP addresses that a packet originating from the instance 170 can go to. 171 172 Allowed values: 173 174 * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 175 IPv6 addressing is supported for all commercial and government regions. See 176 `IPv6 Addresses`__. 177 178 * The `cidrBlock` value for a :class:`Service`, if you're 179 setting up a security rule for traffic destined for a particular `Service` through 180 a service gateway. For example: `oci-phx-objectstorage`. 181 182 * The `OCID`__ of a :class:`NetworkSecurityGroup` in the same 183 VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control 184 traffic between VNICs in the same NSG. 185 186 __ https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm 187 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 188 189 190 :return: The destination of this AddSecurityRuleDetails. 191 :rtype: str 192 """ 193 return self._destination 194 195 @destination.setter 196 def destination(self, destination): 197 """ 198 Sets the destination of this AddSecurityRuleDetails. 199 Conceptually, this is the range of IP addresses that a packet originating from the instance 200 can go to. 201 202 Allowed values: 203 204 * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 205 IPv6 addressing is supported for all commercial and government regions. See 206 `IPv6 Addresses`__. 207 208 * The `cidrBlock` value for a :class:`Service`, if you're 209 setting up a security rule for traffic destined for a particular `Service` through 210 a service gateway. For example: `oci-phx-objectstorage`. 211 212 * The `OCID`__ of a :class:`NetworkSecurityGroup` in the same 213 VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control 214 traffic between VNICs in the same NSG. 215 216 __ https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm 217 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 218 219 220 :param destination: The destination of this AddSecurityRuleDetails. 221 :type: str 222 """ 223 self._destination = destination 224 225 @property 226 def destination_type(self): 227 """ 228 Gets the destination_type of this AddSecurityRuleDetails. 229 Type of destination for the rule. Required if `direction` = `EGRESS`. 230 231 Allowed values: 232 233 * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. 234 235 * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a 236 :class:`Service` (the rule is for traffic destined for a 237 particular `Service` through a service gateway). 238 239 * `NETWORK_SECURITY_GROUP`: If the rule's `destination` is the `OCID`__ of a 240 :class:`NetworkSecurityGroup`. 241 242 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 243 244 Allowed values for this property are: "CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP" 245 246 247 :return: The destination_type of this AddSecurityRuleDetails. 248 :rtype: str 249 """ 250 return self._destination_type 251 252 @destination_type.setter 253 def destination_type(self, destination_type): 254 """ 255 Sets the destination_type of this AddSecurityRuleDetails. 256 Type of destination for the rule. Required if `direction` = `EGRESS`. 257 258 Allowed values: 259 260 * `CIDR_BLOCK`: If the rule's `destination` is an IP address range in CIDR notation. 261 262 * `SERVICE_CIDR_BLOCK`: If the rule's `destination` is the `cidrBlock` value for a 263 :class:`Service` (the rule is for traffic destined for a 264 particular `Service` through a service gateway). 265 266 * `NETWORK_SECURITY_GROUP`: If the rule's `destination` is the `OCID`__ of a 267 :class:`NetworkSecurityGroup`. 268 269 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 270 271 272 :param destination_type: The destination_type of this AddSecurityRuleDetails. 273 :type: str 274 """ 275 allowed_values = ["CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP"] 276 if not value_allowed_none_or_none_sentinel(destination_type, allowed_values): 277 raise ValueError( 278 "Invalid value for `destination_type`, must be None or one of {0}" 279 .format(allowed_values) 280 ) 281 self._destination_type = destination_type 282 283 @property 284 def direction(self): 285 """ 286 **[Required]** Gets the direction of this AddSecurityRuleDetails. 287 Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, 288 or `INGRESS` for rules to allow inbound IP packets. 289 290 Allowed values for this property are: "EGRESS", "INGRESS" 291 292 293 :return: The direction of this AddSecurityRuleDetails. 294 :rtype: str 295 """ 296 return self._direction 297 298 @direction.setter 299 def direction(self, direction): 300 """ 301 Sets the direction of this AddSecurityRuleDetails. 302 Direction of the security rule. Set to `EGRESS` for rules to allow outbound IP packets, 303 or `INGRESS` for rules to allow inbound IP packets. 304 305 306 :param direction: The direction of this AddSecurityRuleDetails. 307 :type: str 308 """ 309 allowed_values = ["EGRESS", "INGRESS"] 310 if not value_allowed_none_or_none_sentinel(direction, allowed_values): 311 raise ValueError( 312 "Invalid value for `direction`, must be None or one of {0}" 313 .format(allowed_values) 314 ) 315 self._direction = direction 316 317 @property 318 def icmp_options(self): 319 """ 320 Gets the icmp_options of this AddSecurityRuleDetails. 321 322 :return: The icmp_options of this AddSecurityRuleDetails. 323 :rtype: oci.core.models.IcmpOptions 324 """ 325 return self._icmp_options 326 327 @icmp_options.setter 328 def icmp_options(self, icmp_options): 329 """ 330 Sets the icmp_options of this AddSecurityRuleDetails. 331 332 :param icmp_options: The icmp_options of this AddSecurityRuleDetails. 333 :type: oci.core.models.IcmpOptions 334 """ 335 self._icmp_options = icmp_options 336 337 @property 338 def is_stateless(self): 339 """ 340 Gets the is_stateless of this AddSecurityRuleDetails. 341 A stateless rule allows traffic in one direction. Remember to add a corresponding 342 stateless rule in the other direction if you need to support bidirectional traffic. For 343 example, if egress traffic allows TCP destination port 80, there should be an ingress 344 rule to allow TCP source port 80. Defaults to false, which means the rule is stateful 345 and a corresponding rule is not necessary for bidirectional traffic. 346 347 348 :return: The is_stateless of this AddSecurityRuleDetails. 349 :rtype: bool 350 """ 351 return self._is_stateless 352 353 @is_stateless.setter 354 def is_stateless(self, is_stateless): 355 """ 356 Sets the is_stateless of this AddSecurityRuleDetails. 357 A stateless rule allows traffic in one direction. Remember to add a corresponding 358 stateless rule in the other direction if you need to support bidirectional traffic. For 359 example, if egress traffic allows TCP destination port 80, there should be an ingress 360 rule to allow TCP source port 80. Defaults to false, which means the rule is stateful 361 and a corresponding rule is not necessary for bidirectional traffic. 362 363 364 :param is_stateless: The is_stateless of this AddSecurityRuleDetails. 365 :type: bool 366 """ 367 self._is_stateless = is_stateless 368 369 @property 370 def protocol(self): 371 """ 372 **[Required]** Gets the protocol of this AddSecurityRuleDetails. 373 The transport protocol. Specify either `all` or an IPv4 protocol number as 374 defined in 375 `Protocol Numbers`__. 376 Options are supported only for ICMP (\"1\"), TCP (\"6\"), UDP (\"17\"), and ICMPv6 (\"58\"). 377 378 __ http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml 379 380 381 :return: The protocol of this AddSecurityRuleDetails. 382 :rtype: str 383 """ 384 return self._protocol 385 386 @protocol.setter 387 def protocol(self, protocol): 388 """ 389 Sets the protocol of this AddSecurityRuleDetails. 390 The transport protocol. Specify either `all` or an IPv4 protocol number as 391 defined in 392 `Protocol Numbers`__. 393 Options are supported only for ICMP (\"1\"), TCP (\"6\"), UDP (\"17\"), and ICMPv6 (\"58\"). 394 395 __ http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml 396 397 398 :param protocol: The protocol of this AddSecurityRuleDetails. 399 :type: str 400 """ 401 self._protocol = protocol 402 403 @property 404 def source(self): 405 """ 406 Gets the source of this AddSecurityRuleDetails. 407 Conceptually, this is the range of IP addresses that a packet coming into the instance 408 can come from. 409 410 Allowed values: 411 412 * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 413 IPv6 addressing is supported for all commercial and government regions. See 414 `IPv6 Addresses`__. 415 416 * The `cidrBlock` value for a :class:`Service`, if you're 417 setting up a security rule for traffic coming from a particular `Service` through 418 a service gateway. For example: `oci-phx-objectstorage`. 419 420 * The `OCID`__ of a :class:`NetworkSecurityGroup` in the same 421 VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control 422 traffic between VNICs in the same NSG. 423 424 __ https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm 425 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 426 427 428 :return: The source of this AddSecurityRuleDetails. 429 :rtype: str 430 """ 431 return self._source 432 433 @source.setter 434 def source(self, source): 435 """ 436 Sets the source of this AddSecurityRuleDetails. 437 Conceptually, this is the range of IP addresses that a packet coming into the instance 438 can come from. 439 440 Allowed values: 441 442 * An IP address range in CIDR notation. For example: `192.168.1.0/24` or `2001:0db8:0123:45::/56` 443 IPv6 addressing is supported for all commercial and government regions. See 444 `IPv6 Addresses`__. 445 446 * The `cidrBlock` value for a :class:`Service`, if you're 447 setting up a security rule for traffic coming from a particular `Service` through 448 a service gateway. For example: `oci-phx-objectstorage`. 449 450 * The `OCID`__ of a :class:`NetworkSecurityGroup` in the same 451 VCN. The value can be the NSG that the rule belongs to if the rule's intent is to control 452 traffic between VNICs in the same NSG. 453 454 __ https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm 455 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 456 457 458 :param source: The source of this AddSecurityRuleDetails. 459 :type: str 460 """ 461 self._source = source 462 463 @property 464 def source_type(self): 465 """ 466 Gets the source_type of this AddSecurityRuleDetails. 467 Type of source for the rule. Required if `direction` = `INGRESS`. 468 469 * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation. 470 471 * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a 472 :class:`Service` (the rule is for traffic coming from a 473 particular `Service` through a service gateway). 474 475 * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the `OCID`__ of a 476 :class:`NetworkSecurityGroup`. 477 478 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 479 480 Allowed values for this property are: "CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP" 481 482 483 :return: The source_type of this AddSecurityRuleDetails. 484 :rtype: str 485 """ 486 return self._source_type 487 488 @source_type.setter 489 def source_type(self, source_type): 490 """ 491 Sets the source_type of this AddSecurityRuleDetails. 492 Type of source for the rule. Required if `direction` = `INGRESS`. 493 494 * `CIDR_BLOCK`: If the rule's `source` is an IP address range in CIDR notation. 495 496 * `SERVICE_CIDR_BLOCK`: If the rule's `source` is the `cidrBlock` value for a 497 :class:`Service` (the rule is for traffic coming from a 498 particular `Service` through a service gateway). 499 500 * `NETWORK_SECURITY_GROUP`: If the rule's `source` is the `OCID`__ of a 501 :class:`NetworkSecurityGroup`. 502 503 __ https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm 504 505 506 :param source_type: The source_type of this AddSecurityRuleDetails. 507 :type: str 508 """ 509 allowed_values = ["CIDR_BLOCK", "SERVICE_CIDR_BLOCK", "NETWORK_SECURITY_GROUP"] 510 if not value_allowed_none_or_none_sentinel(source_type, allowed_values): 511 raise ValueError( 512 "Invalid value for `source_type`, must be None or one of {0}" 513 .format(allowed_values) 514 ) 515 self._source_type = source_type 516 517 @property 518 def tcp_options(self): 519 """ 520 Gets the tcp_options of this AddSecurityRuleDetails. 521 522 :return: The tcp_options of this AddSecurityRuleDetails. 523 :rtype: oci.core.models.TcpOptions 524 """ 525 return self._tcp_options 526 527 @tcp_options.setter 528 def tcp_options(self, tcp_options): 529 """ 530 Sets the tcp_options of this AddSecurityRuleDetails. 531 532 :param tcp_options: The tcp_options of this AddSecurityRuleDetails. 533 :type: oci.core.models.TcpOptions 534 """ 535 self._tcp_options = tcp_options 536 537 @property 538 def udp_options(self): 539 """ 540 Gets the udp_options of this AddSecurityRuleDetails. 541 542 :return: The udp_options of this AddSecurityRuleDetails. 543 :rtype: oci.core.models.UdpOptions 544 """ 545 return self._udp_options 546 547 @udp_options.setter 548 def udp_options(self, udp_options): 549 """ 550 Sets the udp_options of this AddSecurityRuleDetails. 551 552 :param udp_options: The udp_options of this AddSecurityRuleDetails. 553 :type: oci.core.models.UdpOptions 554 """ 555 self._udp_options = udp_options 556 557 def __repr__(self): 558 return formatted_flat_dict(self) 559 560 def __eq__(self, other): 561 if other is None: 562 return False 563 564 return self.__dict__ == other.__dict__ 565 566 def __ne__(self, other): 567 return not self == other 568