Class VpcBlockPublicAccessOptions

java.lang.Object
software.amazon.awssdk.services.ec2.model.VpcBlockPublicAccessOptions
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<VpcBlockPublicAccessOptions.Builder,VpcBlockPublicAccessOptions>
@Generated("software.amazon.awssdk:codegen") public final class VpcBlockPublicAccessOptions extends Object implements SdkPojo, Serializable, ToCopyableBuilder<VpcBlockPublicAccessOptions.Builder,VpcBlockPublicAccessOptions>

VPC Block Public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see Block public access to VPCs and subnets in the Amazon VPC User Guide.

See Also:

  • Method Details

    • awsAccountId

      public final String awsAccountId()

      An Amazon Web Services account ID.

      Returns:
      An Amazon Web Services account ID.

    • awsRegion

      public final String awsRegion()

      An Amazon Web Services Region.

      Returns:
      An Amazon Web Services Region.

    • state

      public final VpcBlockPublicAccessState state()

      The current state of VPC BPA.

      If the service returns an enum value that is not available in the current SDK version, state will return VpcBlockPublicAccessState.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from stateAsString().

      Returns:
      The current state of VPC BPA.
      See Also:

    • stateAsString

      public final String stateAsString()

      The current state of VPC BPA.

      If the service returns an enum value that is not available in the current SDK version, state will return VpcBlockPublicAccessState.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from stateAsString().

      Returns:
      The current state of VPC BPA.
      See Also:

    • internetGatewayBlockMode

      public final InternetGatewayBlockMode internetGatewayBlockMode()

      The current mode of VPC BPA.

      • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

      • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

      • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

      If the service returns an enum value that is not available in the current SDK version, internetGatewayBlockMode will return InternetGatewayBlockMode.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from internetGatewayBlockModeAsString().

      Returns:
      The current mode of VPC BPA.

      • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

      • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

      • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

      See Also:

    • internetGatewayBlockModeAsString

      public final String internetGatewayBlockModeAsString()

      The current mode of VPC BPA.

      • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

      • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

      • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

      If the service returns an enum value that is not available in the current SDK version, internetGatewayBlockMode will return InternetGatewayBlockMode.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from internetGatewayBlockModeAsString().

      Returns:
      The current mode of VPC BPA.

      • off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.

      • block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).

      • block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.

      See Also:

    • reason

      public final String reason()

      The reason for the current state.

      Returns:
      The reason for the current state.

    • lastUpdateTimestamp

      public final Instant lastUpdateTimestamp()

      The last time the VPC BPA mode was updated.

      Returns:
      The last time the VPC BPA mode was updated.

    • managedBy

      public final ManagedBy managedBy()

      The entity that manages the state of VPC BPA. Possible values include:

      • account - The state is managed by the account.

      • declarative-policy - The state is managed by a declarative policy and can't be modified by the account.

      If the service returns an enum value that is not available in the current SDK version, managedBy will return ManagedBy.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from managedByAsString().

      Returns:
      The entity that manages the state of VPC BPA. Possible values include:

      • account - The state is managed by the account.

      • declarative-policy - The state is managed by a declarative policy and can't be modified by the account.

      See Also:

    • managedByAsString

      public final String managedByAsString()

      The entity that manages the state of VPC BPA. Possible values include:

      • account - The state is managed by the account.

      • declarative-policy - The state is managed by a declarative policy and can't be modified by the account.

      If the service returns an enum value that is not available in the current SDK version, managedBy will return ManagedBy.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from managedByAsString().

      Returns:
      The entity that manages the state of VPC BPA. Possible values include:

      • account - The state is managed by the account.

      • declarative-policy - The state is managed by a declarative policy and can't be modified by the account.

      See Also:

    • exclusionsAllowed

      public final VpcBlockPublicAccessExclusionsAllowed exclusionsAllowed()

      Determines if exclusions are allowed. If you have enabled VPC BPA at the Organization level, exclusions may be not-allowed. Otherwise, they are allowed.

      If the service returns an enum value that is not available in the current SDK version, exclusionsAllowed will return VpcBlockPublicAccessExclusionsAllowed.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from exclusionsAllowedAsString().

      Returns:
      Determines if exclusions are allowed. If you have enabled VPC BPA at the Organization level, exclusions may be not-allowed. Otherwise, they are allowed.
      See Also:

    • exclusionsAllowedAsString

      public final String exclusionsAllowedAsString()

      Determines if exclusions are allowed. If you have enabled VPC BPA at the Organization level, exclusions may be not-allowed. Otherwise, they are allowed.

      If the service returns an enum value that is not available in the current SDK version, exclusionsAllowed will return VpcBlockPublicAccessExclusionsAllowed.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from exclusionsAllowedAsString().

      Returns:
      Determines if exclusions are allowed. If you have enabled VPC BPA at the Organization level, exclusions may be not-allowed. Otherwise, they are allowed.
      See Also:

    • toBuilder

      public VpcBlockPublicAccessOptions.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<VpcBlockPublicAccessOptions.Builder,VpcBlockPublicAccessOptions>
      Returns:
      a builder for type T

    • builder

      public static VpcBlockPublicAccessOptions.Builder builder()

    • serializableBuilderClass

      public static Class<? extends VpcBlockPublicAccessOptions.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.

    • sdkFieldNameToField

      public final Map<String,SdkField<?>> sdkFieldNameToField()
      Specified by:
      sdkFieldNameToField in interface SdkPojo
      Returns:
      The mapping between the field name and its corresponding field.