aws
diff --git a/‎packages/@aws-cdk/aws-ec2/README.md‎
Lines changed: 5 additions & 2 deletions b/‎packages/@aws-cdk/aws-ec2/README.md‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎packages/@aws-cdk/aws-ec2/lib/port.ts‎
Lines changed: 12 additions & 0 deletions b/‎packages/@aws-cdk/aws-ec2/lib/port.ts‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎packages/@aws-cdk/aws-ec2/test/integ.ports.ts‎
Lines changed: 32 additions & 0 deletions b/‎packages/@aws-cdk/aws-ec2/test/integ.ports.ts‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎packages/@aws-cdk/aws-ec2/test/ports.integ.snapshot/PortsDefaultTestDeployAssert044B81BF.template.json‎
Lines changed: 1 addition & 0 deletions b/‎packages/@aws-cdk/aws-ec2/test/ports.integ.snapshot/PortsDefaultTestDeployAssert044B81BF.template.json‎
Lines changed: 1 addition & 0 deletions
@@ -529,11 +529,14 @@ the connection specifier:
 ec2.Port.tcp(80)
 ec2.Port.tcpRange(60000, 65535)
 ec2.Port.allTcp()
+ec2.Port.allIcmp()
+ec2.Port.allIcmpV6()
 ec2.Port.allTraffic()
 ```
 
-> NOTE: This set is not complete yet; for example, there is no library support for ICMP at the moment.
-> However, you can write your own classes to implement those.
+> NOTE: Not all protocols have corresponding helper methods. In the absence of a helper method,
+> you can instantiate `Port` yourself with your own settings. You are also welcome to contribute
+> new helper methods.
 
 ### Default Ports
 
 
@@ -307,6 +307,18 @@ export class Port {
     });
   }
 
+  /**
+   * All ICMPv6 traffic
+   */
+  public static allIcmpV6() {
+    return new Port({
+      protocol: Protocol.ICMPV6,
+      fromPort: -1,
+      toPort: -1,
+      stringRepresentation: 'ALL ICMPv6',
+    });
+  }
+
   /**
    * All traffic
    */
 
@@ -0,0 +1,32 @@
+import * as cdk from '@aws-cdk/core';
+import { IntegTest } from '@aws-cdk/integ-tests';
+import * as ec2 from '../lib/index';
+
+const app = new cdk.App();
+
+class TestStack extends cdk.Stack {
+  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
+    super(scope, id, props);
+
+    const vpc = new ec2.Vpc(this, 'VPC');
+
+    const sg = new ec2.SecurityGroup(this, 'SecGroup', {
+      vpc,
+    });
+    sg.addIngressRule(
+      ec2.Peer.anyIpv6(),
+      ec2.Port.allIcmpV6(),
+      'allow ICMP6',
+    );
+  }
+}
+
+new TestStack(app, 'TestStack');
+
+new IntegTest(app, 'Ports', {
+  testCases: [
+    new TestStack(app, 'PortsTestStack', {}),
+  ],
+});
+
+app.synth();
@@ -0,0 +1 @@
+{}