EC2.Paginator.DescribeNetworkAcls¶paginator = client.get_paginator('describe_network_acls')
paginate(**kwargs)¶Creates an iterator that will paginate through responses from EC2.Client.describe_network_acls().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False,
NetworkAclIds=[
'string',
],
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
One or more filters.
association.association-id - The ID of an association ID for the ACL.association.network-acl-id - The ID of the network ACL involved in the association.association.subnet-id - The ID of the subnet involved in the association.default - Indicates whether the ACL is the default network ACL for the VPC.entry.cidr - The IPv4 CIDR range specified in the entry.entry.icmp.code - The ICMP code specified in the entry, if any.entry.icmp.type - The ICMP type specified in the entry, if any.entry.ipv6-cidr - The IPv6 CIDR range specified in the entry.entry.port-range.from - The start of the port range specified in the entry.entry.port-range.to - The end of the port range specified in the entry.entry.protocol - The protocol specified in the entry ( tcp | udp | icmp or a protocol number).entry.rule-action - Allows or denies the matching traffic ( allow | deny ).entry.egress - A Boolean that indicates the type of rule. Specify true for egress rules, or false for ingress rules.entry.rule-number - The number of an entry (in other words, rule) in the set of ACL entries.network-acl-id - The ID of the network ACL.owner-id - The ID of the Amazon Web Services account that owns the network ACL.tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.vpc-id - The ID of the VPC for the network ACL.A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
The name of the filter. Filter names are case-sensitive.
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
DryRunOperation . Otherwise, it is UnauthorizedOperation .One or more network ACL IDs.
Default: Describes all your network ACLs.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'NetworkAcls': [
{
'Associations': [
{
'NetworkAclAssociationId': 'string',
'NetworkAclId': 'string',
'SubnetId': 'string'
},
],
'Entries': [
{
'CidrBlock': 'string',
'Egress': True|False,
'IcmpTypeCode': {
'Code': 123,
'Type': 123
},
'Ipv6CidrBlock': 'string',
'PortRange': {
'From': 123,
'To': 123
},
'Protocol': 'string',
'RuleAction': 'allow'|'deny',
'RuleNumber': 123
},
],
'IsDefault': True|False,
'NetworkAclId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string',
'OwnerId': 'string'
},
],
}
Response Structure
(dict) --
NetworkAcls (list) --
Information about one or more network ACLs.
(dict) --
Describes a network ACL.
Associations (list) --
Any associations between the network ACL and one or more subnets
(dict) --
Describes an association between a network ACL and a subnet.
NetworkAclAssociationId (string) --
The ID of the association between a network ACL and a subnet.
NetworkAclId (string) --
The ID of the network ACL.
SubnetId (string) --
The ID of the subnet.
Entries (list) --
One or more entries (rules) in the network ACL.
(dict) --
Describes an entry in a network ACL.
CidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).
IcmpTypeCode (dict) --
ICMP protocol: The ICMP type and code.
Code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
Type (integer) --
The ICMP type. A value of -1 means all types.
Ipv6CidrBlock (string) --
The IPv6 network range to allow or deny, in CIDR notation.
PortRange (dict) --
TCP or UDP protocols: The range of ports the rule applies to.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol number. A value of "-1" means all protocols.
RuleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
RuleNumber (integer) --
The rule number for the entry. ACL entries are processed in ascending order by rule number.
IsDefault (boolean) --
Indicates whether this is the default network ACL for the VPC.
NetworkAclId (string) --
The ID of the network ACL.
Tags (list) --
Any tags assigned to the network ACL.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
VpcId (string) --
The ID of the VPC for the network ACL.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the network ACL.