amazonka-ec2-1.3.1: Amazon Elastic Compute Cloud SDK.

Copyright(c) 2013-2015 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <>
Portabilitynon-portable (GHC extensions)
Safe HaskellNone




Replaces an entry (rule) in a network ACL. For more information about network ACLs, see Network ACLs in the Amazon Virtual Private Cloud User Guide.

See: AWS API Reference for ReplaceNetworkACLEntry.


Creating a Request

Request Lenses

rnaeICMPTypeCode :: Lens' ReplaceNetworkACLEntry (Maybe ICMPTypeCode) Source

ICMP protocol: The ICMP type and code. Required if specifying 1 (ICMP) for the protocol.

rnaePortRange :: Lens' ReplaceNetworkACLEntry (Maybe PortRange) Source

TCP or UDP protocols: The range of ports the rule applies to. Required if specifying 6 (TCP) or 17 (UDP) for the protocol.

rnaeDryRun :: Lens' ReplaceNetworkACLEntry (Maybe Bool) Source

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rnaeRuleNumber :: Lens' ReplaceNetworkACLEntry Int Source

The rule number of the entry to replace.

rnaeProtocol :: Lens' ReplaceNetworkACLEntry Text Source

The IP protocol. You can specify all or '-1' to mean all protocols.

rnaeRuleAction :: Lens' ReplaceNetworkACLEntry RuleAction Source

Indicates whether to allow or deny the traffic that matches the rule.

rnaeEgress :: Lens' ReplaceNetworkACLEntry Bool Source

Indicates whether to replace the egress rule.

Default: If no value is specified, we replace the ingress rule.

rnaeCIdRBlock :: Lens' ReplaceNetworkACLEntry Text Source

The network range to allow or deny, in CIDR notation.

Destructuring the Response

replaceNetworkACLEntryResponse :: ReplaceNetworkACLEntryResponse Source

Creates a value of ReplaceNetworkACLEntryResponse with the minimum fields required to make a request.