Copyright | (c) 2013-2021 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Synopsis
- data BlockPublicAccessConfiguration = BlockPublicAccessConfiguration' {}
- newBlockPublicAccessConfiguration :: Bool -> BlockPublicAccessConfiguration
- blockPublicAccessConfiguration_permittedPublicSecurityGroupRuleRanges :: Lens' BlockPublicAccessConfiguration (Maybe [PortRange])
- blockPublicAccessConfiguration_blockPublicSecurityGroupRules :: Lens' BlockPublicAccessConfiguration Bool
Documentation
data BlockPublicAccessConfiguration Source #
A configuration for Amazon EMR block public access. When
BlockPublicSecurityGroupRules
is set to true
, Amazon EMR prevents
cluster creation if one of the cluster's security groups has a rule
that allows inbound traffic from 0.0.0.0/0 or ::/0 on a port, unless
the port is specified as an exception using
PermittedPublicSecurityGroupRuleRanges
.
See: newBlockPublicAccessConfiguration
smart constructor.
BlockPublicAccessConfiguration' | |
|
Instances
newBlockPublicAccessConfiguration Source #
:: Bool |
|
-> BlockPublicAccessConfiguration |
Create a value of BlockPublicAccessConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permittedPublicSecurityGroupRuleRanges:BlockPublicAccessConfiguration'
, blockPublicAccessConfiguration_permittedPublicSecurityGroupRuleRanges
- Specifies ports and port ranges that are permitted to have security
group rules that allow inbound traffic from all public sources. For
example, if Port 23 (Telnet) is specified for
PermittedPublicSecurityGroupRuleRanges
, Amazon EMR allows cluster
creation if a security group associated with the cluster has a rule that
allows inbound traffic on Port 23 from IPv4 0.0.0.0/0 or IPv6 port
::/0 as the source.
By default, Port 22, which is used for SSH access to the cluster EC2
instances, is in the list of PermittedPublicSecurityGroupRuleRanges
.
$sel:blockPublicSecurityGroupRules:BlockPublicAccessConfiguration'
, blockPublicAccessConfiguration_blockPublicSecurityGroupRules
- Indicates whether Amazon EMR block public access is enabled (true
) or
disabled (false
). By default, the value is false
for accounts that
have created EMR clusters before July 2019. For accounts created after
this, the default is true
.
blockPublicAccessConfiguration_permittedPublicSecurityGroupRuleRanges :: Lens' BlockPublicAccessConfiguration (Maybe [PortRange]) Source #
Specifies ports and port ranges that are permitted to have security
group rules that allow inbound traffic from all public sources. For
example, if Port 23 (Telnet) is specified for
PermittedPublicSecurityGroupRuleRanges
, Amazon EMR allows cluster
creation if a security group associated with the cluster has a rule that
allows inbound traffic on Port 23 from IPv4 0.0.0.0/0 or IPv6 port
::/0 as the source.
By default, Port 22, which is used for SSH access to the cluster EC2
instances, is in the list of PermittedPublicSecurityGroupRuleRanges
.
blockPublicAccessConfiguration_blockPublicSecurityGroupRules :: Lens' BlockPublicAccessConfiguration Bool Source #
Indicates whether Amazon EMR block public access is enabled (true
) or
disabled (false
). By default, the value is false
for accounts that
have created EMR clusters before July 2019. For accounts created after
this, the default is true
.