github.com/armen/terraform@v0.5.2-0.20150529052519-caa8117a08f1/website/source/docs/providers/aws/r/network_acl.html.markdown (about)

     1  ---
     2  layout: "aws"
     3  page_title: "AWS: aws_network_acl"
     4  sidebar_current: "docs-aws-resource-network-acl"
     5  description: |-
     6    Provides an network ACL resource.
     7  ---
     8  
     9  # aws\_network\_acl
    10  
    11  Provides an network ACL resource. You might set up network ACLs with rules similar
    12  to your security groups in order to add an additional layer of security to your VPC.
    13  
    14  ## Example Usage
    15  
    16  ```
    17  resource "aws_network_acl" "main" {
    18  	vpc_id = "${aws_vpc.main.id}"
    19  	egress {
    20  		protocol = "tcp"
    21  		rule_no = 2
    22  		action = "allow"
    23  		cidr_block =  "10.3.0.0/18"
    24  		from_port = 443
    25  		to_port = 443
    26  	}
    27  
    28  	ingress {
    29  		protocol = "tcp"
    30  		rule_no = 1
    31  		action = "allow"
    32  		cidr_block =  "10.3.0.0/18"
    33  		from_port = 80
    34  		to_port = 80
    35  	}
    36  
    37  	tags {
    38  		Name = "main"
    39  	}
    40  }
    41  ```
    42  
    43  ## Argument Reference
    44  
    45  The following arguments are supported:
    46  
    47  * `vpc_id` - (Required) The ID of the associated VPC.
    48  * `subnet_ids` - (Optional) A list of Subnet IDs to apply the ACL to
    49  * `subnet_id` - (Optional, Deprecated) The ID of the associated Subnet. This
    50  attribute is deprecated, please use the `subnet_ids` attribute instead
    51  * `ingress` - (Optional) Specifies an ingress rule. Parameters defined below.
    52  * `egress` - (Optional) Specifies an egress rule. Parameters defined below.
    53  * `tags` - (Optional) A mapping of tags to assign to the resource.
    54  
    55  Both `egress` and `ingress` support the following keys:
    56  
    57  * `from_port` - (Required) The from port to match.
    58  * `to_port` - (Required) The to port to match.
    59  * `rule_no` - (Required) The rule number. Used for ordering.
    60  * `action` - (Required) The action to take.
    61  * `protocol` - (Required) The protocol to match. If using the -1 'all'
    62  protocol, you must specify a from and to port of 0.
    63  * `cidr_block` - (Optional) The CIDR block to match. This must be a
    64  valid network mask.
    65  
    66  ## Attributes Reference
    67  
    68  The following attributes are exported:
    69  
    70  * `id` - The ID of the network ACL
    71