in security/swift_security.py [0:0]
def create_nacls(self) -> None:
"""creating nacl and rules"""
selection_sagsnl = _ec2.SubnetSelection(subnet_group_name=SwiftComponents.SAGSNL)
selection_amh = _ec2.SubnetSelection(subnet_group_name=SwiftComponents.AMH)
self.create_nacl(cid=SwiftComponents.SAGSNL + "NACL", name=SwiftComponents.SAGSNL + "NACL",
description="NACL for SAGSNL Subnet",
subnet_selection=selection_sagsnl)
self.create_nacl(cid=SwiftComponents.AMH + "NACL", name=SwiftComponents.AMH + "NACL",
description="NACL For AMMH Subnet",
subnet_selection=selection_amh)
self.add_nacl_entry(cid=SwiftComponents.SAGSNL + "NACL",
nacl_id="SAGSNLNACLEntry1",
cidr=_ec2.AclCidr.any_ipv4(),
rule_number=100,
traffic=_ec2.AclTraffic.all_traffic(),
direction=_ec2.TrafficDirection.EGRESS)
self.add_nacl_entry(cid=SwiftComponents.SAGSNL + "NACL",
nacl_id="SAGSNLNACLEntry2",
cidr=_ec2.AclCidr.any_ipv4(),
rule_number=100,
traffic=_ec2.AclTraffic.all_traffic(),
direction=_ec2.TrafficDirection.INGRESS)
self.add_nacl_entry(cid=SwiftComponents.AMH + "NACL",
nacl_id="AMHNACLEntry1",
cidr=_ec2.AclCidr.any_ipv4(),
rule_number=100,
traffic=_ec2.AclTraffic.all_traffic(),
direction=_ec2.TrafficDirection.EGRESS)
self.add_nacl_entry(cid=SwiftComponents.AMH + "NACL",
nacl_id="AMHNACLEntry2",
cidr=_ec2.AclCidr.any_ipv4(),
rule_number=100,
traffic=_ec2.AclTraffic.all_traffic(),
direction=_ec2.TrafficDirection.INGRESS)