NetworkConfig / VpcConfig | VpcTemplatesConfig / NetworkAclConfig

Network access control list (ACL) configuration. Use this configuration to define custom network ACLs for your VPC. A network ACL allows or denies specific inbound or outbound traffic at the subnet level. Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).

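The following example shows an inbound and outbound rule pair that allows inbound SSH traffic (TCP port 22) from the CIDR range 10.0.0.0/16. Because network ACLs are stateless, the outbound rule is what lets the responses return to the clients' ephemeral ports (1024-65535).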

Example

- name: accelerator-nacl
  subnetAssociations:
    - Subnet-A
  inboundRules:
    - rule: 200
      protocol: 6
      fromPort: 22
      toPort: 22
      action: allow
      source: 10.0.0.0/16
  outboundRules:
    - rule: 200
      protocol: 6
      fromPort: 1024
      toPort: 65535
      action: allow
      destination: 10.0.0.0/16
  tags: []
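
The stateless behaviour described above can be checked offline before a rule set is deployed. The following is an added sketch, not code from the project this page documents: it evaluates the example's rule pair for a complete TCP session and shows that dropping the outbound rule breaks SSH. The type names, function names, and the single `cidr` field (standing in for `source` and `destination`) are assumptions made for the example.

```typescript
// Added sketch. "cidr" stands for the page's "source" (inbound) / "destination" (outbound) field.
type Action = 'allow' | 'deny';
interface Rule { rule: number; protocol: number; fromPort: number; toPort: number; action: Action; cidr: string }
interface Nacl { inboundRules: Rule[]; outboundRules: Rule[] }

// Dotted-quad IPv4 address to an unsigned 32-bit integer.
function ipToInt(ip: string): number {
  return ip.split('.').reduce((acc, octet) => ((acc << 8) | parseInt(octet, 10)) >>> 0, 0);
}

// True when ip falls inside the IPv4 CIDR block.
function inCidr(ip: string, cidr: string): boolean {
  const parts = cidr.split('/');
  const bits = parseInt(parts[1] ?? '32', 10);
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ipToInt(ip) & mask) >>> 0) === ((ipToInt(parts[0] ?? '') & mask) >>> 0);
}

// Rules are checked in ascending rule number; the first match decides, and no match means deny.
function evaluate(rules: Rule[], peerIp: string, port: number, protocol: number): Action {
  for (const r of rules.slice().sort((a, b) => a.rule - b.rule)) {
    const anyProtocol = r.protocol === -1; // -1 matches all protocols and ports
    const protocolOk = anyProtocol || r.protocol === protocol;
    const portOk = anyProtocol || (port >= r.fromPort && port <= r.toPort);
    if (protocolOk && portOk && inCidr(peerIp, r.cidr)) return r.action;
  }
  return 'deny';
}

// Stateless filtering: the request must pass the inbound rules (matched on the service port)
// and the reply must pass the outbound rules (matched on the client's ephemeral port).
function sessionWorks(nacl: Nacl, clientIp: string, clientPort: number, servicePort: number): boolean {
  const TCP = 6;
  return evaluate(nacl.inboundRules, clientIp, servicePort, TCP) === 'allow'
    && evaluate(nacl.outboundRules, clientIp, clientPort, TCP) === 'allow';
}

// Constructed samples: the rule pair from the example above, and the same ACL without its outbound rule.
const pageNacl: Nacl = {
  inboundRules: [{ rule: 200, protocol: 6, fromPort: 22, toPort: 22, action: 'allow', cidr: '10.0.0.0/16' }],
  outboundRules: [{ rule: 200, protocol: 6, fromPort: 1024, toPort: 65535, action: 'allow', cidr: '10.0.0.0/16' }],
};
const inboundOnly: Nacl = { inboundRules: pageNacl.inboundRules, outboundRules: [] };
```

`sessionWorks(pageNacl, '10.0.1.5', 50000, 22)` succeeds, while the same call against `inboundOnly` fails because the reply to port 50000 hits the implicit deny.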

Hierarchy

  • NetworkAclConfig

Properties

inboundRules: undefined | NetworkAclInboundRuleConfig[] = undefined

(OPTIONAL) A list of inbound rules to define for the Network ACL

See

NetworkAclInboundRuleConfig

name: string = ''

The name of the Network ACL.

Remarks

CAUTION: Changing this property value causes the network ACL to be recreated. Please be aware that any downstream dependencies may cause this property update to fail. Please also note that your network traffic may be temporarily impacted while the ACL is updated.

outboundRules: undefined | NetworkAclOutboundRuleConfig[] = undefined

(OPTIONAL) A list of outbound rules to define for the Network ACL

See

NetworkAclOutboundRuleConfig

subnetAssociations: string[] = []

A list of subnets to associate with the Network ACL

Remarks

This is the logical name property of the subnet as defined in network-config.yaml.

See

SubnetConfig

tags: undefined | Tag[] = undefined

(OPTIONAL) A list of tags to attach to the Network ACL