Class IpAddressCondition


  • public class IpAddressCondition
    extends Condition
    AWS access control policy condition that allows an access control statement to be conditionally applied based on the comparison of the the incoming source IP address at the time of a request against a CIDR IP range.

    For more information about CIDR IP ranges, see http://en.wikipedia.org/wiki/CIDR_notation

    • Constructor Detail

      • IpAddressCondition

        public IpAddressCondition​(String ipAddressRange)
        Constructs a new access policy condition that compares the source IP address of the incoming request to an AWS service against the specified CIDR range. The condition evaluates to true (meaning the policy statement containing it will be applied) if the incoming source IP address is within that range.

        To achieve the opposite effect (i.e. cause the condition to evaluate to true when the incoming source IP is not in the specified CIDR range) use the alternate constructor form and specify IpAddressCondition.IpAddressComparisonType.NotIpAddress

        For more information about CIDR IP ranges, see http://en.wikipedia.org/wiki/CIDR_notation

        Parameters:
        ipAddressRange - The CIDR IP range involved in the policy condition.
      • IpAddressCondition

        public IpAddressCondition​(IpAddressCondition.IpAddressComparisonType type,
                                  String ipAddressRange)
        Constructs a new access policy condition that compares the source IP address of the incoming request to an AWS service against the specified CIDR range. When the condition evaluates to true (i.e. when the incoming source IP address is within the CIDR range or not) depends on the specified IpAddressCondition.IpAddressComparisonType.

        For more information about CIDR IP ranges, see http://en.wikipedia.org/wiki/CIDR_notation

        Parameters:
        type - The type of comparison to to perform.
        ipAddressRange - The CIDR IP range involved in the policy condition.