EC2 Network ACL

Elastic Compute Cloud (EC2) Virtual Private Cloud (VPC) Network ACL

Resource Type

AWS.EC2.NetworkACL

Resource ID Format

For EC2 Network ACLs, the resource ID is the ARN.

arn:aws:ec2:us-west-2:123456789012:network-acl/acl-1

Background

This resource represents a snapshot of an AWS EC2 VPC NetworkACL.

Fields

| Field | Type | Description |
| --- | --- | --- |
| Associations | List | An association between a network ACL and a subnet. |
| Entries | List | Individual Network ACL rules to allow or block traffic |
| IsDefault | Bool | Whether this Network ACL is the default Network ACL for its associated VPC |
| OwnerId | String | The Amazon Web Services account ID of the owner of the network interface. |
| VpcId | String | The ID of the VPC. |

Example

{
    "AccountId": "123456789012",
    "Arn": "arn:aws:ec2:us-west-2:123456789012:network-acl/acl-1",
    "Associations": [
        {
            "NetworkAclAssociationId": "aclassoc-1",
            "NetworkAclId": "acl-1",
            "SubnetId": "subnet-1"
        }
    ],
    "Entries": [
        {
            "CidrBlock": "0.0.0.0/0",
            "Egress": true,
            "IcmpTypeCode": null,
            "Ipv6CidrBlock": null,
            "PortRange": {
                "From": 80,
                "To": 80
            },
            "Protocol": "6",
            "RuleAction": "allow",
            "RuleNumber": 100
        },
        {
            "CidrBlock": "10.0.0.0/20",
            "Egress": false,
            "IcmpTypeCode": null,
            "Ipv6CidrBlock": null,
            "PortRange": null,
            "Protocol": "-1",
            "RuleAction": "allow",
            "RuleNumber": 110
        }
    ],
    "Id": "acl-1",
    "IsDefault": false,
    "OwnerId": "123456789012",
    "Region": "us-west-2",
    "ResourceId": "arn:aws:ec2:us-west-2:123456789012:network-acl/acl-1",
    "ResourceType": "AWS.EC2.NetworkACL",
    "Tags": {
        "Name": "PrivateSubnetAcl",
        "aws:cloudformation:logical-id": "PrivateSubnetAcl",
        "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-west-2:123456789012:stack/vpc/1",
        "aws:cloudformation:stack-name": "vpc"
    },
    "TimeCreated": null,
    "VpcId": "vpc-1"
}
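
The Entries list is only meaningful when read the way a network ACL applies it: rules are checked in ascending RuleNumber order, the first matching rule decides, and traffic that matches nothing is denied. The following is an added example, not code from the original page or from the product it documents; it evaluates a snapshot for one packet. The function names, the probe address 203.0.113.10 and the SSH check are assumptions made for illustration, and ICMP type/code matching is not modelled.

```python
import ipaddress

# Constructed sample: the Entries from the example snapshot on this page.
SAMPLE_ACL = {
    "Entries": [
        {"CidrBlock": "0.0.0.0/0", "Egress": True, "Ipv6CidrBlock": None,
         "PortRange": {"From": 80, "To": 80}, "Protocol": "6",
         "RuleAction": "allow", "RuleNumber": 100},
        {"CidrBlock": "10.0.0.0/20", "Egress": False, "Ipv6CidrBlock": None,
         "PortRange": None, "Protocol": "-1",
         "RuleAction": "allow", "RuleNumber": 110},
    ],
}


def _entry_matches(entry, peer, protocol, port):
    """True if one rule covers the peer address, protocol number and port."""
    if entry["Protocol"] not in ("-1", protocol):  # "-1" means all protocols
        return False
    port_range = entry.get("PortRange")  # null when the rule is not port-scoped
    if port_range and not port_range["From"] <= port <= port_range["To"]:
        return False
    cidr = entry.get("CidrBlock") if peer.version == 4 else entry.get("Ipv6CidrBlock")
    return bool(cidr) and peer in ipaddress.ip_network(cidr, strict=False)


def evaluate(resource, peer_ip, protocol, port, egress=False):
    """Return "allow" or "deny" for one packet.

    peer_ip is the source for ingress and the destination for egress.
    Rules are checked in ascending RuleNumber; the first match decides.
    If nothing matches, the packet is denied.
    """
    peer = ipaddress.ip_address(peer_ip)
    rules = [e for e in resource.get("Entries") or [] if e["Egress"] == egress]
    for entry in sorted(rules, key=lambda e: e["RuleNumber"]):
        if _entry_matches(entry, peer, protocol, port):
            return entry["RuleAction"]
    return "deny"


def ssh_closed_to_internet(resource):
    """Hypothetical check: inbound TCP/22 from a public address must be denied."""
    # 203.0.113.10 is a documentation-range address used as a stand-in probe.
    return evaluate(resource, "203.0.113.10", "6", 22) == "deny"
```

A single probe address is a spot check, not proof that every public source is blocked; a rule scoped to a different public CIDR would need its own probe.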
