Interface INetworkAclConfig

NetworkConfig / VpcConfig | VpcTemplatesConfig / NetworkAclConfig

Network access control list (ACL) configuration.

Description

Use this configuration to define custom network ACLs for your VPC. A network ACL allows or denies specific inbound or outbound traffic at the subnet level. Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).

The following example shows an inbound and outbound rule that would allow inbound SSH traffic from the CIDR range 10.0.0.0/16.

Example

- name: accelerator-nacl
  subnetAssociations:
    - Subnet-A
  inboundRules:
    - rule: 200
      protocol: 6
      fromPort: 22
      toPort: 22
      action: allow
      source: 10.0.0.0/16
  outboundRules:
    - rule: 200
      protocol: 6
      fromPort: 1024
      toPort: 65535
      action: allow
      destination: 10.0.0.0/16
  tags: []

interface INetworkAclConfig {
    inboundRules?: INetworkAclInboundRuleConfig[];
    name: string;
    outboundRules?: INetworkAclOutboundRuleConfig[];
    subnetAssociations: string[];
    tags?: ITag[];
}

Index

Properties

inboundRules? name outboundRules? subnetAssociations tags?

Properties

`Optional` `Readonly`inboundRules

inboundRules?: INetworkAclInboundRuleConfig[]

(OPTIONAL) A list of inbound rules to define for the Network ACL

See

NetworkAclInboundRuleConfig

`Readonly`name

name: string

The name of the Network ACL.

Remarks

CAUTION: Changing this property value causes the network ACL to be recreated. Please be aware that any downstream dependencies may cause this property update to fail. Please also note that your network traffic may be temporarily impacted while the ACL is updated.

`Optional` `Readonly`outboundRules

outboundRules?: INetworkAclOutboundRuleConfig[]

(OPTIONAL) A list of outbound rules to define for the Network ACL

See

NetworkAclOutboundRuleConfig

`Readonly`subnetAssociations

subnetAssociations: string[]

A list of subnets to associate with the Network ACL

Remarks

This is the logical name property of the subnet as defined in network-config.yaml.

See

SubnetConfig

`Optional` `Readonly`tags

tags?: ITag[]

(OPTIONAL) A list of tags to attach to the Network ACL

Interface INetworkAclConfig

Description

Example

Index

Properties

Properties

`Optional` `Readonly`inboundRules

See

`Readonly`name

Remarks

`Optional` `Readonly`outboundRules

See

`Readonly`subnetAssociations

Remarks

See

`Optional` `Readonly`tags

Settings

On This Page

Interface INetworkAclConfig

Description

Example

Index

Properties

Properties

Optional ReadonlyinboundRules

See

Readonlyname

Remarks

Optional ReadonlyoutboundRules

See

ReadonlysubnetAssociations

Remarks

See

Optional Readonlytags

Settings

On This Page

`Optional` `Readonly`inboundRules

`Readonly`name

`Optional` `Readonly`outboundRules

`Readonly`subnetAssociations

`Optional` `Readonly`tags