Expand description
Provides an network ACL resource. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.
NOTE on Network ACLs and Network ACL Rules: This provider currently provides both a standalone Network ACL Rule resource and a Network ACL resource with rules defined in-line. At this time you cannot use a Network ACL with in-line rules in conjunction with any Network ACL Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.
NOTE on Network ACLs and Network ACL Associations: the provider provides both a standalone network ACL association resource and a network ACL resource with a
subnet_idsattribute. Do not use the same subnet ID in both a network ACL resource and a network ACL association resource. Doing so will cause a conflict of associations and will overwrite the association.
§Example Usage
resources:
main:
type: aws:ec2:NetworkAcl
properties:
vpcId: ${mainAwsVpc.id}
egress:
- protocol: tcp
ruleNo: 200
action: allow
cidrBlock: 10.3.0.0/18
fromPort: 443
toPort: 443
ingress:
- protocol: tcp
ruleNo: 100
action: allow
cidrBlock: 10.3.0.0/18
fromPort: 80
toPort: 80
tags:
Name: main§Import
Using pulumi import, import Network ACLs using the id. For example:
$ pulumi import aws:ec2/networkAcl:NetworkAcl main acl-7aaabd18Structs§
- Use builder syntax to set the inputs and finish with
build_struct().
Functions§
- Registers a new resource with the given unique name and arguments