
When I’m creating a Network ACL for AWS in Terraform, I’m not able to configure the field "Type".

However, if you configure the ACL via the portal, the field "Type" can be configured accordingly.

[image: AWS NACL UI, showing the "Type" column of the console rule editor]

3 Answers


  1. You are looking for the following Terraform resources, which support the protocol argument:

    resource "aws_network_acl" "bar" {
      vpc_id = aws_vpc.foo.id
    }
    
    resource "aws_network_acl_rule" "bar" {
      network_acl_id = aws_network_acl.bar.id
      rule_number    = 200
      egress         = false
      protocol       = "tcp"
      rule_action    = "allow"
      cidr_block     = aws_vpc.foo.cidr_block
      from_port      = 22
      to_port        = 22
    }
    

    The example was taken from https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl_rule

  2. The type field is "automatically defined" based on the information you use for the port/protocol.

    For example, try to create a rule for port 25/tcp.

    After you apply and the rule is created, the type will automatically be set to "SMTP(25)".

  3. The Type field on the web console is just an easy way to select pre-configured combinations of protocols and ports. This field is not there in terraform templates, and you can simply specify the protocol and port separately as shown in @marcincuber’s answer. It’s the same in AWS CloudFormation as well.

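The three answers above make the same point: Terraform has no "type" argument because the console's Type column is only a label derived from protocol plus port range. The following is an added example (not code from the question, the answers, or the Terraform registry) showing a complete NACL written that way, including the stateless-ACL return-path rule and an explicit deny that a reviewer would expect to see. The VPC reference aws_vpc.main, the resource names and the CIDR ranges are assumptions.

```hcl
# Added example, not part of the original thread. Assumes an aws_vpc.main resource
# exists elsewhere in the configuration; all CIDRs below are constructed values.

resource "aws_network_acl" "example" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "example-nacl"
  }
}

# Inbound SSH from an administrative range only. There is no "type" argument:
# protocol "tcp" with from_port/to_port 22 is what the console labels as SSH.
resource "aws_network_acl_rule" "ssh_in" {
  network_acl_id = aws_network_acl.example.id
  rule_number    = 100
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = "203.0.113.0/24" # constructed: admin network
  from_port      = 22
  to_port        = 22
}

# Inbound SMTP. After apply, the console shows this rule with Type "SMTP(25)",
# as answer 2 describes, purely from the protocol/port pair.
resource "aws_network_acl_rule" "smtp_in" {
  network_acl_id = aws_network_acl.example.id
  rule_number    = 110
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = "198.51.100.0/24" # constructed: upstream mail relay
  from_port      = 25
  to_port        = 25
}

# Network ACLs are stateless: replies to the inbound connections above leave on
# ephemeral source ports, so an outbound allow for that range is required or the
# connections above never complete.
resource "aws_network_acl_rule" "ephemeral_out" {
  network_acl_id = aws_network_acl.example.id
  rule_number    = 100
  egress         = true
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = "0.0.0.0/0"
  from_port      = 1024
  to_port        = 65535
}

# Explicit inbound deny for everything else. Rules are evaluated in ascending
# rule_number order, so this only applies to traffic not matched above. AWS also
# has an implicit final deny; keeping an explicit one makes the intent visible
# in code review and in the console.
resource "aws_network_acl_rule" "deny_all_in" {
  network_acl_id = aws_network_acl.example.id
  rule_number    = 32000
  egress         = false
  protocol       = "-1" # all protocols; from_port/to_port are not used
  rule_action    = "deny"
  cidr_block     = "0.0.0.0/0"
}
```

Running terraform plan against this shows only protocol, from_port and to_port on each rule; open the resulting ACL in the console afterwards and the Type column is populated (SSH, SMTP, custom TCP, all traffic) without any Type having been set in the configuration.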