AWS::EC2::NetworkAcl

EC2 NetworkAcl

Specifies a network ACL for your VPC. To add a network ACL entry, see [AWS::EC2::NetworkAclEntry](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-networkaclentry.html).

Properties

2 configurable properties. 1 required. Click a row to see details.

Filter:

Property	Type	Flags
`VpcId`	`string`	RequiredCreate-only
`Tags`	`Array<Tag>`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Id`	`string`	-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::EC2::NetworkAcl

Resources:
  MyResource:
    Type: AWS::EC2::NetworkAcl
    Properties:
      VpcId: "my-vpcid"
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

read

ec2:DescribeNetworkAclsec2:DescribeTags

create

ec2:CreateNetworkAclec2:DescribeNetworkAclsec2:CreateTags

update

ec2:DescribeNetworkAclsec2:DeleteTagsec2:CreateTags

list

ec2:DescribeNetworkAcls

delete

ec2:DeleteTagsec2:DeleteNetworkAclec2:DescribeNetworkAcls

Get the EC2 Cheat Sheet

Everything you need to know about EC2 on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceEC2

Properties3

Required1

TaggingSupported

Primary IDId

Supported Operations

ReadCreateUpdateListDelete

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

VpcId

Related Resources

External Links

AWS Documentation