Resource: aws_network_acl_rule

Creates an entry (a rule) in a network ACL with the specified rule number.

Example Usage

resource "aws_network_acl" "bar" {
  vpc_id = aws_vpc.foo.id
}

resource "aws_network_acl_rule" "bar" {
  network_acl_id = aws_network_acl.bar.id
  rule_number    = 200
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = aws_vpc.foo.cidr_block
  from_port      = 22
  to_port        = 22
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import individual rules using NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS, where PROTOCOL can be a decimal (such as "6") or string (such as "tcp") value. For example:

NOTE: If importing a rule previously provisioned by Terraform, the PROTOCOL must be the input value used at creation time. For more information on protocol numbers and keywords, see here: https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml.

Using the protocol's string value:

import {
  to = aws_network_acl_rule.my_rule
  id = "acl-7aaabd18:100:tcp:false"
}

Using the protocol's decimal value:

import {
  to = aws_network_acl_rule.my_rule
  id = "acl-7aaabd18:100:6:false"
}

Using terraform import, import individual rules using NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS, where PROTOCOL can be a decimal (such as "6") or string (such as "tcp") value. For example:

Using the protocol's string value:

% terraform import aws_network_acl_rule.my_rule acl-7aaabd18:100:tcp:false

Using the protocol's decimal value:

% terraform import aws_network_acl_rule.my_rule acl-7aaabd18:100:6:false
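
When bringing an existing network ACL under Terraform management, the import IDs described above can be generated from the ACL's current entries instead of being typed by hand. The following is an added example, not part of the provider documentation: it builds import blocks from JSON shaped like the output of aws ec2 describe-network-acls. The sample data, the resource naming scheme and the written override map are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-network-acls` output (not real data).
SAMPLE = json.loads("""
{"NetworkAcls": [{"NetworkAclId": "acl-7aaabd18", "Entries": [
  {"RuleNumber": 100, "Protocol": "6", "Egress": false, "RuleAction": "allow",
   "CidrBlock": "10.0.0.0/16", "PortRange": {"From": 22, "To": 22}},
  {"RuleNumber": 110, "Protocol": "17", "Egress": true, "RuleAction": "allow",
   "CidrBlock": "10.0.0.0/16", "PortRange": {"From": 53, "To": 53}},
  {"RuleNumber": 32767, "Protocol": "-1", "Egress": false, "RuleAction": "deny",
   "CidrBlock": "0.0.0.0/0"}
]}]}
""")

# AWS's built-in catch-all deny ("*") entry is reported with this rule number.
# It is not a rule you create, so no import block is generated for it.
DEFAULT_RULE = 32767


def import_id(acl_id, entry, protocol_as_written=None):
    """Build NETWORK_ACL_ID:RULE_NUMBER:PROTOCOL:EGRESS for one ACL entry.

    The API reports the protocol as a decimal string. protocol_as_written
    overrides it for rules Terraform originally created with a keyword such
    as "tcp", since the import must use the value given at creation time.
    """
    protocol = protocol_as_written or entry["Protocol"]
    egress = "true" if entry["Egress"] else "false"
    return f'{acl_id}:{entry["RuleNumber"]}:{protocol}:{egress}'


def import_blocks(described, written=None):
    """Return one import block per rule; written maps (acl, rule, egress) -> keyword."""
    written = written or {}
    blocks = []
    for acl in described["NetworkAcls"]:
        acl_id = acl["NetworkAclId"]
        for e in sorted(acl["Entries"], key=lambda e: (e["Egress"], e["RuleNumber"])):
            if e["RuleNumber"] == DEFAULT_RULE:
                continue
            direction = "egress" if e["Egress"] else "ingress"
            # Hypothetical naming scheme for the target resource address.
            name = f'{acl_id.replace("-", "_")}_{direction}_{e["RuleNumber"]}'
            rid = import_id(acl_id, e, written.get((acl_id, e["RuleNumber"], e["Egress"])))
            blocks.append(f'import {{\n  to = aws_network_acl_rule.{name}\n  id = "{rid}"\n}}')
    return blocks


if __name__ == "__main__":
    print("\n\n".join(import_blocks(SAMPLE, {("acl-7aaabd18", 100, False): "tcp"})))
```

Each generated block still needs a matching aws_network_acl_rule resource in the configuration. Review the plan after import so that allow and deny rules match what is actually deployed.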