This module creates the following resources.

- `aws_network_acl`
- `aws_network_acl_association` (optional)
- `aws_network_acl_rule` (optional)

Name | Version |
---|---|
terraform | >= 1.6 |
aws | >= 4.59 |

Name | Version |
---|---|
aws | 5.22.0 |

Name | Source | Version |
---|---|---|
resource_group | tedilabs/misc/aws//modules/resource-group | ~> 0.10.0 |

Name | Type |
---|---|
aws_network_acl.this | resource |
aws_network_acl_rule.egress | resource |
aws_network_acl_rule.ingress | resource |

Name | Description | Type | Default | Required |
---|---|---|---|---|
name | (Required) Desired name for the network ACL resources. | `string` | n/a | yes |
vpc_id | (Required) The ID of the VPC to associate. | `string` | n/a | yes |
egress_rules | (Optional) A map of egress rules in the default Network ACL. Use the map key as the rule number (priority). If not explicitly defined, the AWS default rules are applied. Each block of `egress_rules` is defined as below.<br/>(Required) `priority` - The rule priority. The rule number. Used for ordering.<br/>(Required) `action` - The action to indicate whether to allow or deny the traffic that matches the rule. Valid values are `ALLOW` and `DENY`.<br/>(Required) `protocol` - The protocol to match. If using the `-1` 'all' protocol, you must specify a from and to port of `0`.<br/>(Optional) `from_port` - The from port to match.<br/>(Optional) `to_port` - The to port to match.<br/>(Optional) `ipv4_cidr` - The IPv4 network range to allow or deny, in CIDR notation. Cannot be specified with `ipv6_cidr`.<br/>(Optional) `ipv6_cidr` - The IPv6 network range to allow or deny, in CIDR notation. Cannot be specified with `ipv4_cidr`.<br/>(Optional) `icmp_type` - The ICMP type to be used. Defaults to `0`.<br/>(Optional) `icmp_code` - The ICMP code to be used. Defaults to `0`. | `map(object({` | `{}` | no |
ingress_rules | (Optional) A map of ingress rules in the default Network ACL. Use the map key as the rule number (priority). If not explicitly defined, the AWS default rules are applied. Each block of `ingress_rules` is defined as below.<br/>(Required) `priority` - The rule priority. The rule number. Used for ordering.<br/>(Required) `action` - The action to indicate whether to allow or deny the traffic that matches the rule. Valid values are `ALLOW` and `DENY`.<br/>(Required) `protocol` - The protocol to match. If using the `-1` 'all' protocol, you must specify a from and to port of `0`.<br/>(Optional) `from_port` - The from port to match.<br/>(Optional) `to_port` - The to port to match.<br/>(Optional) `ipv4_cidr` - The IPv4 network range to allow or deny, in CIDR notation. Cannot be specified with `ipv6_cidr`.<br/>(Optional) `ipv6_cidr` - The IPv6 network range to allow or deny, in CIDR notation. Cannot be specified with `ipv4_cidr`.<br/>(Optional) `icmp_type` - The ICMP type to be used. Defaults to `0`.<br/>(Optional) `icmp_code` - The ICMP code to be used. Defaults to `0`. | `map(object({` | `{}` | no |
module_tags_enabled | (Optional) Whether to create AWS Resource Tags for the module information. | `bool` | `true` | no |
resource_group_description | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no |
resource_group_enabled | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no |
resource_group_name | (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no |
subnets | (Optional) A list of subnet IDs to apply the ACL to. | `list(string)` | `[]` | no |
tags | (Optional) A map of tags to add to all resources. | `map(string)` | `{}` | no |

Name | Description |
---|---|
arn | The ARN of the network ACL. |
id | The ID of the network ACL. |
name | The name of the network ACL. |
owner_id | The ID of the AWS account that owns the network ACL. |
subnets | A list of subnet IDs which are associated with the network ACL. |
vpc_id | The VPC ID of the network ACL. |
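
An added usage example for the `ingress_rules` and `egress_rules` inputs described above (not taken from the module's own documentation), showing rule ordering and the return-traffic rule a stateless network ACL needs. It assumes the map key and `priority` carry the same rule number and that `protocol` accepts the names `aws_network_acl_rule` accepts, such as `tcp`; the `source` is a placeholder and the VPC, subnet and CIDR values are constructed.

```hcl
# Added example; not taken from the module's own documentation.
module "web_nacl" {
  # Placeholder: the page gives neither the module's source address nor a version.
  source = "<MODULE_SOURCE>"

  name    = "web-public"
  vpc_id  = "vpc-0123456789abcdef0"      # constructed ID
  subnets = ["subnet-0123456789abcdef0"] # constructed ID

  ingress_rules = {
    # Rules are evaluated in ascending rule-number order and the first match
    # wins, so the narrow DENY needs a lower number than the broad ALLOW.
    "100" = {
      priority  = 100 # assumed to mirror the map key
      action    = "DENY"
      protocol  = "tcp" # assumed to be passed through to aws_network_acl_rule
      from_port = 443
      to_port   = 443
      ipv4_cidr = "203.0.113.0/24" # constructed (RFC 5737 documentation range)
    }
    "200" = {
      priority  = 200
      action    = "ALLOW"
      protocol  = "tcp"
      from_port = 443
      to_port   = 443
      ipv4_cidr = "0.0.0.0/0"
    }
  }

  egress_rules = {
    # Network ACLs are stateless: replies to the HTTPS clients above are not
    # allowed automatically. They leave towards the clients' ephemeral ports,
    # so that destination range has to be opened explicitly.
    "100" = {
      priority  = 100
      action    = "ALLOW"
      protocol  = "tcp"
      from_port = 1024
      to_port   = 65535
      ipv4_cidr = "0.0.0.0/0"
    }
  }
}
```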