Resource: aws_network_acl

Provides a network ACL resource. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.

Example Usage

resource "aws_network_acl" "main" {
  vpc_id = aws_vpc.main.id

  egress {
    protocol   = "tcp"
    rule_no    = 200
    action     = "allow"
    cidr_block = "10.3.0.0/18"
    from_port  = 443
    to_port    = 443
  }

  ingress {
    protocol   = "tcp"
    rule_no    = 100
    action     = "allow"
    cidr_block = "10.3.0.0/18"
    from_port  = 80
    to_port    = 80
  }

  tags = {
    Name = "main"
  }
}
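The following is an added example, not taken from the provider documentation: a complete network ACL for a public web subnet that shows how rule numbering controls evaluation order and why, because network ACLs are stateless, the return direction of every connection needs its own rule. The `aws_vpc.main` and `aws_subnet.public` references are assumed to exist elsewhere in the configuration, and `198.51.100.0/24` is a placeholder for a source range you want to block.

```hcl
# Added example (not from the provider docs). Assumes aws_vpc.main and
# aws_subnet.public are declared elsewhere; 198.51.100.0/24 is a placeholder.
resource "aws_network_acl" "public_web" {
  vpc_id     = aws_vpc.main.id
  subnet_ids = [aws_subnet.public.id]

  # Rules are evaluated in ascending rule_no order and the first match wins,
  # so an explicit deny gets a low number to avoid being shadowed by the
  # broader allows that follow it.
  ingress {
    protocol   = "-1"              # all protocols
    rule_no    = 50
    action     = "deny"
    cidr_block = "198.51.100.0/24" # placeholder for a blocked source range
    from_port  = 0
    to_port    = 0
  }

  # Client requests to the web tier.
  ingress {
    protocol   = "tcp"
    rule_no    = 100
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }

  # Stateless: responses to the inbound HTTPS requests above leave the subnet
  # toward the client's ephemeral port, so egress must allow that range.
  egress {
    protocol   = "tcp"
    rule_no    = 100
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }

  # Outbound HTTPS initiated by the instances themselves (package updates etc.).
  egress {
    protocol   = "tcp"
    rule_no    = 110
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }

  # ...and the return traffic for those instance-initiated connections, which
  # arrives at an ephemeral port on the instance.
  ingress {
    protocol   = "tcp"
    rule_no    = 110
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }

  # Anything not matched above is dropped by the ACL's implicit final deny rule.
  tags = {
    Name = "public-web"
  }
}
```

Because `egress` and `ingress` are attribute-as-blocks arguments, writing `ingress = []` sets an explicitly empty rule list, whereas omitting the blocks entirely leaves the argument unset; keep that distinction in mind when a plan shows rules being removed.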

Argument Reference

This resource supports the following arguments:

egress and ingress

Both arguments are processed in attribute-as-blocks mode.

Both egress and ingress support the following keys:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import Network ACLs using the id. For example:

import {
  to = aws_network_acl.main
  id = "acl-7aaabd18"
}

Using terraform import, import Network ACLs using the id. For example:

% terraform import aws_network_acl.main acl-7aaabd18