Table: alicloud_vpc_network_acl
A Network Access Control List (ACL) is an optional layer of security for traffic control in your VPC. You can associate a network ACL with a VSwitch to regulate access for one or more subnets. Similar to the rules of security groups, a user can configure custom rules for network ACLs.
Network ACLs are stateless. After you configure the inbound rules, you need to configure the corresponding outbound rules for certain requests to have a response.
Examples
Basic info
```sql
select
  name,
  network_acl_id,
  status,
  vpc_id,
  description,
  region
from
  alicloud_vpc_network_acl;
```
List the VSwitches associated with each network ACL
```sql
select
  network_acl_id,
  vpc_id,
  association ->> 'ResourceId' as vswitch_id,
  association ->> 'Status' as association_status
from
  alicloud_vpc_network_acl,
  jsonb_array_elements(resources) as association
where
  association ->> 'ResourceType' = 'VSwitch';
```
Get inbound rule info for each network ACL
```sql
select
  name,
  network_acl_id,
  vpc_id,
  i ->> 'NetworkAclEntryId' as network_acl_entry_id,
  i ->> 'NetworkAclEntryName' as network_acl_entry_name,
  i ->> 'Description' as description,
  i ->> 'EntryType' as entry_type,
  i ->> 'Policy' as policy,
  i ->> 'Port' as port,
  i ->> 'Protocol' as protocol,
  i ->> 'SourceCidrIp' as source_cidr_ip
from
  alicloud_vpc_network_acl,
  jsonb_array_elements(ingress_acl_entries) as i;
```
Get outbound rule info for each network ACL
```sql
select
  name,
  network_acl_id,
  vpc_id,
  i ->> 'NetworkAclEntryId' as network_acl_entry_id,
  i ->> 'NetworkAclEntryName' as network_acl_entry_name,
  i ->> 'Description' as description,
  i ->> 'EntryType' as entry_type,
  i ->> 'Policy' as policy,
  i ->> 'Port' as port,
  i ->> 'Protocol' as protocol,
  i ->> 'DestinationCidrIp' as destination_cidr_ip
from
  alicloud_vpc_network_acl,
  jsonb_array_elements(egress_acl_entries) as i;
```
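Audit inbound accept rules that are open to any source (an added example, not part of the original plugin documentation). It combines the inbound-rule and VSwitch-association queries on this page so each open rule is shown with the subnets it governs. It assumes the Alibaba Cloud API reports an allow rule as `Policy` = `accept` and an unrestricted source as `SourceCidrIp` = `0.0.0.0/0`.

```sql
-- Added example: inbound 'accept' entries with an unrestricted source,
-- listed with the VSwitches each network ACL is associated with.
-- Assumption: Policy is reported as 'accept' and "any source" as '0.0.0.0/0'.
select
  acl.name,
  acl.network_acl_id,
  acl.vpc_id,
  acl.region,
  i ->> 'NetworkAclEntryName' as network_acl_entry_name,
  i ->> 'Protocol' as protocol,
  i ->> 'Port' as port,
  i ->> 'SourceCidrIp' as source_cidr_ip,
  assoc.vswitch_ids
from
  alicloud_vpc_network_acl as acl
  cross join lateral jsonb_array_elements(acl.ingress_acl_entries) as i
  -- Aggregate the associated VSwitch IDs per ACL; an ACL with no
  -- association still appears, with vswitch_ids set to null.
  left join lateral (
    select
      array_agg(r ->> 'ResourceId') as vswitch_ids
    from
      jsonb_array_elements(acl.resources) as r
    where
      r ->> 'ResourceType' = 'VSwitch'
  ) as assoc on true
where
  lower(i ->> 'Policy') = 'accept'
  and i ->> 'SourceCidrIp' = '0.0.0.0/0'
order by
  acl.network_acl_id,
  network_acl_entry_name;
```

Because network ACLs are stateless, review each result alongside the outbound rules of the same ACL rather than in isolation.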
Query examples
.inspect alicloud_vpc_network_acl
Alicloud VPC Network ACL
Name | Type | Description |
---|---|---|
_ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. |
account_id | text | The Alicloud Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. |
creation_time | timestamp with time zone | The time when the network ACL was created. |
description | text | The description of the network ACL. |
egress_acl_entries | jsonb | A list of outbound rules of the network ACL. |
ingress_acl_entries | jsonb | A list of inbound rules of the network ACL. |
name | text | The name of the network ACL. |
network_acl_id | text | The ID of the network ACL. |
owner_id | bigint | The ID of the owner of the resource. |
region | text | The Alicloud region in which the resource is located. |
region_id | text | The name of the region where the resource resides. |
resources | jsonb | A list of associated resources. |
status | text | The status of the network ACL. |
title | text | Title of the resource. |
vpc_id | text | The ID of the VPC associated with the network ACL. |