volcenginecc.vpc.NetworkAcl

volcenginecc v0.0.32, Apr 23 26

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Example Usage

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

resources:
  networkAclDemo:
    type: volcenginecc:vpc:NetworkAcl
    name: NetworkAclDemo
    properties:
      vpcId: vpc-rrco37ovjq4gv0x58xxxxxx
      networkAclName: NetworkAclDemo
      description: NetworkAclDemo-Description
      projectName: default
      ingressAclEntries:
        - cidr_ip: 10.0.1.0/24
          description: test-rule
          network_acl_entry_name: test-entries
          policy: drop
          port: 80/80
          protocol: tcp
      egressAclEntries:
        - cidr_ip: 0.0.0.0/0
          description: test-rule
          network_acl_entry_name: ""
          policy: accept
          port: -1/-1
          protocol: all
      resources:
        - resource_id: subnet-3nrjlvvxo4gsg931ebxxxxxx
      tags:
        - key: env
          value: test

Create NetworkAcl Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new NetworkAcl(name: string, args: NetworkAclArgs, opts?: CustomResourceOptions);

@overload
def NetworkAcl(resource_name: str,
               args: NetworkAclArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def NetworkAcl(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               vpc_id: Optional[str] = None,
               description: Optional[str] = None,
               egress_acl_entries: Optional[Sequence[NetworkAclEgressAclEntryArgs]] = None,
               ingress_acl_entries: Optional[Sequence[NetworkAclIngressAclEntryArgs]] = None,
               network_acl_name: Optional[str] = None,
               project_name: Optional[str] = None,
               resources: Optional[Sequence[NetworkAclResourceArgs]] = None,
               tags: Optional[Sequence[NetworkAclTagArgs]] = None)

func NewNetworkAcl(ctx *Context, name string, args NetworkAclArgs, opts ...ResourceOption) (*NetworkAcl, error)

public NetworkAcl(string name, NetworkAclArgs args, CustomResourceOptions? opts = null)

public NetworkAcl(String name, NetworkAclArgs args)
public NetworkAcl(String name, NetworkAclArgs args, CustomResourceOptions options)

type: volcenginecc:vpc:NetworkAcl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var networkAclResource = new Volcenginecc.Vpc.NetworkAcl("networkAclResource", new()
{
    VpcId = "string",
    Description = "string",
    EgressAclEntries = new[]
    {
        new Volcenginecc.Vpc.Inputs.NetworkAclEgressAclEntryArgs
        {
            CidrIp = "string",
            Description = "string",
            NetworkAclEntryName = "string",
            Policy = "string",
            Port = "string",
            Protocol = "string",
        },
    },
    IngressAclEntries = new[]
    {
        new Volcenginecc.Vpc.Inputs.NetworkAclIngressAclEntryArgs
        {
            CidrIp = "string",
            Description = "string",
            NetworkAclEntryName = "string",
            Policy = "string",
            Port = "string",
            Protocol = "string",
        },
    },
    NetworkAclName = "string",
    ProjectName = "string",
    Resources = new[]
    {
        new Volcenginecc.Vpc.Inputs.NetworkAclResourceArgs
        {
            ResourceId = "string",
        },
    },
    Tags = new[]
    {
        new Volcenginecc.Vpc.Inputs.NetworkAclTagArgs
        {
            Key = "string",
            Value = "string",
        },
    },
});

example, err := vpc.NewNetworkAcl(ctx, "networkAclResource", &vpc.NetworkAclArgs{
	VpcId:       pulumi.String("string"),
	Description: pulumi.String("string"),
	EgressAclEntries: vpc.NetworkAclEgressAclEntryArray{
		&vpc.NetworkAclEgressAclEntryArgs{
			CidrIp:              pulumi.String("string"),
			Description:         pulumi.String("string"),
			NetworkAclEntryName: pulumi.String("string"),
			Policy:              pulumi.String("string"),
			Port:                pulumi.String("string"),
			Protocol:            pulumi.String("string"),
		},
	},
	IngressAclEntries: vpc.NetworkAclIngressAclEntryArray{
		&vpc.NetworkAclIngressAclEntryArgs{
			CidrIp:              pulumi.String("string"),
			Description:         pulumi.String("string"),
			NetworkAclEntryName: pulumi.String("string"),
			Policy:              pulumi.String("string"),
			Port:                pulumi.String("string"),
			Protocol:            pulumi.String("string"),
		},
	},
	NetworkAclName: pulumi.String("string"),
	ProjectName:    pulumi.String("string"),
	Resources: vpc.NetworkAclResourceArray{
		&vpc.NetworkAclResourceArgs{
			ResourceId: pulumi.String("string"),
		},
	},
	Tags: vpc.NetworkAclTagArray{
		&vpc.NetworkAclTagArgs{
			Key:   pulumi.String("string"),
			Value: pulumi.String("string"),
		},
	},
})

var networkAclResource = new NetworkAcl("networkAclResource", NetworkAclArgs.builder()
    .vpcId("string")
    .description("string")
    .egressAclEntries(NetworkAclEgressAclEntryArgs.builder()
        .cidrIp("string")
        .description("string")
        .networkAclEntryName("string")
        .policy("string")
        .port("string")
        .protocol("string")
        .build())
    .ingressAclEntries(NetworkAclIngressAclEntryArgs.builder()
        .cidrIp("string")
        .description("string")
        .networkAclEntryName("string")
        .policy("string")
        .port("string")
        .protocol("string")
        .build())
    .networkAclName("string")
    .projectName("string")
    .resources(NetworkAclResourceArgs.builder()
        .resourceId("string")
        .build())
    .tags(NetworkAclTagArgs.builder()
        .key("string")
        .value("string")
        .build())
    .build());

network_acl_resource = volcenginecc.vpc.NetworkAcl("networkAclResource",
    vpc_id="string",
    description="string",
    egress_acl_entries=[{
        "cidr_ip": "string",
        "description": "string",
        "network_acl_entry_name": "string",
        "policy": "string",
        "port": "string",
        "protocol": "string",
    }],
    ingress_acl_entries=[{
        "cidr_ip": "string",
        "description": "string",
        "network_acl_entry_name": "string",
        "policy": "string",
        "port": "string",
        "protocol": "string",
    }],
    network_acl_name="string",
    project_name="string",
    resources=[{
        "resource_id": "string",
    }],
    tags=[{
        "key": "string",
        "value": "string",
    }])

const networkAclResource = new volcenginecc.vpc.NetworkAcl("networkAclResource", {
    vpcId: "string",
    description: "string",
    egressAclEntries: [{
        cidrIp: "string",
        description: "string",
        networkAclEntryName: "string",
        policy: "string",
        port: "string",
        protocol: "string",
    }],
    ingressAclEntries: [{
        cidrIp: "string",
        description: "string",
        networkAclEntryName: "string",
        policy: "string",
        port: "string",
        protocol: "string",
    }],
    networkAclName: "string",
    projectName: "string",
    resources: [{
        resourceId: "string",
    }],
    tags: [{
        key: "string",
        value: "string",
    }],
});

type: volcenginecc:vpc:NetworkAcl
properties:
    description: string
    egressAclEntries:
        - cidrIp: string
          description: string
          networkAclEntryName: string
          policy: string
          port: string
          protocol: string
    ingressAclEntries:
        - cidrIp: string
          description: string
          networkAclEntryName: string
          policy: string
          port: string
          protocol: string
    networkAclName: string
    projectName: string
    resources:
        - resourceId: string
    tags:
        - key: string
          value: string
    vpcId: string

NetworkAcl Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The NetworkAcl resource accepts the following input properties:

VpcId string: ID of the VPC associated with the network ACL.
Description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
EgressAclEntries List<Volcengine.NetworkAclEgressAclEntry>
IngressAclEntries List<Volcengine.NetworkAclIngressAclEntry>
NetworkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
ProjectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
Resources List<Volcengine.NetworkAclResource>
Tags List<Volcengine.NetworkAclTag>

VpcId string: ID of the VPC associated with the network ACL.
Description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
EgressAclEntries []NetworkAclEgressAclEntryArgs
IngressAclEntries []NetworkAclIngressAclEntryArgs
NetworkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
ProjectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
Resources []NetworkAclResourceArgs
Tags []NetworkAclTagArgs

vpcId String: ID of the VPC associated with the network ACL.
description String: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries List<NetworkAclEgressAclEntry>
ingressAclEntries List<NetworkAclIngressAclEntry>
networkAclName String: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName String: Name of the project associated with the network ACL. If not specified, added to the default project.
resources List<NetworkAclResource>
tags List<NetworkAclTag>

vpcId string: ID of the VPC associated with the network ACL.
description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries NetworkAclEgressAclEntry[]
ingressAclEntries NetworkAclIngressAclEntry[]
networkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
resources NetworkAclResource[]
tags NetworkAclTag[]

vpc_id str: ID of the VPC associated with the network ACL.
description str: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egress_acl_entries Sequence[NetworkAclEgressAclEntryArgs]
ingress_acl_entries Sequence[NetworkAclIngressAclEntryArgs]
network_acl_name str: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
project_name str: Name of the project associated with the network ACL. If not specified, added to the default project.
resources Sequence[NetworkAclResourceArgs]
tags Sequence[NetworkAclTagArgs]

vpcId String: ID of the VPC associated with the network ACL.
description String: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries List<Property Map>
ingressAclEntries List<Property Map>
networkAclName String: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName String: Name of the project associated with the network ACL. If not specified, added to the default project.
resources List<Property Map>
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the NetworkAcl resource produces the following output properties:

CreatedTime string: Creation time of the network ACL.
DefaultEgressAclEntries List<Volcengine.NetworkAclDefaultEgressAclEntry>
DefaultIngressAclEntries List<Volcengine.NetworkAclDefaultIngressAclEntry>
Id string: The provider-assigned unique ID for this managed resource.
NetworkAclId string: Network ACL ID.
Status string: Status of the network ACL. Available: Available. Creating: Creating.
UpdatedTime string: Last updated time of the network ACL.

CreatedTime string: Creation time of the network ACL.
DefaultEgressAclEntries []NetworkAclDefaultEgressAclEntry
DefaultIngressAclEntries []NetworkAclDefaultIngressAclEntry
Id string: The provider-assigned unique ID for this managed resource.
NetworkAclId string: Network ACL ID.
Status string: Status of the network ACL. Available: Available. Creating: Creating.
UpdatedTime string: Last updated time of the network ACL.

createdTime String: Creation time of the network ACL.
defaultEgressAclEntries List<NetworkAclDefaultEgressAclEntry>
defaultIngressAclEntries List<NetworkAclDefaultIngressAclEntry>
id String: The provider-assigned unique ID for this managed resource.
networkAclId String: Network ACL ID.
status String: Status of the network ACL. Available: Available. Creating: Creating.
updatedTime String: Last updated time of the network ACL.

createdTime string: Creation time of the network ACL.
defaultEgressAclEntries NetworkAclDefaultEgressAclEntry[]
defaultIngressAclEntries NetworkAclDefaultIngressAclEntry[]
id string: The provider-assigned unique ID for this managed resource.
networkAclId string: Network ACL ID.
status string: Status of the network ACL. Available: Available. Creating: Creating.
updatedTime string: Last updated time of the network ACL.

created_time str: Creation time of the network ACL.
default_egress_acl_entries Sequence[NetworkAclDefaultEgressAclEntry]
default_ingress_acl_entries Sequence[NetworkAclDefaultIngressAclEntry]
id str: The provider-assigned unique ID for this managed resource.
network_acl_id str: Network ACL ID.
status str: Status of the network ACL. Available: Available. Creating: Creating.
updated_time str: Last updated time of the network ACL.

createdTime String: Creation time of the network ACL.
defaultEgressAclEntries List<Property Map>
defaultIngressAclEntries List<Property Map>
id String: The provider-assigned unique ID for this managed resource.
networkAclId String: Network ACL ID.
status String: Status of the network ACL. Available: Available. Creating: Creating.
updatedTime String: Last updated time of the network ACL.

Look up Existing NetworkAcl Resource

Get an existing NetworkAcl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: NetworkAclState, opts?: CustomResourceOptions): NetworkAcl

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        created_time: Optional[str] = None,
        default_egress_acl_entries: Optional[Sequence[NetworkAclDefaultEgressAclEntryArgs]] = None,
        default_ingress_acl_entries: Optional[Sequence[NetworkAclDefaultIngressAclEntryArgs]] = None,
        description: Optional[str] = None,
        egress_acl_entries: Optional[Sequence[NetworkAclEgressAclEntryArgs]] = None,
        ingress_acl_entries: Optional[Sequence[NetworkAclIngressAclEntryArgs]] = None,
        network_acl_id: Optional[str] = None,
        network_acl_name: Optional[str] = None,
        project_name: Optional[str] = None,
        resources: Optional[Sequence[NetworkAclResourceArgs]] = None,
        status: Optional[str] = None,
        tags: Optional[Sequence[NetworkAclTagArgs]] = None,
        updated_time: Optional[str] = None,
        vpc_id: Optional[str] = None) -> NetworkAcl

func GetNetworkAcl(ctx *Context, name string, id IDInput, state *NetworkAclState, opts ...ResourceOption) (*NetworkAcl, error)

public static NetworkAcl Get(string name, Input<string> id, NetworkAclState? state, CustomResourceOptions? opts = null)

public static NetworkAcl get(String name, Output<String> id, NetworkAclState state, CustomResourceOptions options)

resources:  _:    type: volcenginecc:vpc:NetworkAcl    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CreatedTime string: Creation time of the network ACL.
DefaultEgressAclEntries List<Volcengine.NetworkAclDefaultEgressAclEntry>
DefaultIngressAclEntries List<Volcengine.NetworkAclDefaultIngressAclEntry>
Description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
EgressAclEntries List<Volcengine.NetworkAclEgressAclEntry>
IngressAclEntries List<Volcengine.NetworkAclIngressAclEntry>
NetworkAclId string: Network ACL ID.
NetworkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
ProjectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
Resources List<Volcengine.NetworkAclResource>
Status string: Status of the network ACL. Available: Available. Creating: Creating.
Tags List<Volcengine.NetworkAclTag>
UpdatedTime string: Last updated time of the network ACL.
VpcId string: ID of the VPC associated with the network ACL.

CreatedTime string: Creation time of the network ACL.
DefaultEgressAclEntries []NetworkAclDefaultEgressAclEntryArgs
DefaultIngressAclEntries []NetworkAclDefaultIngressAclEntryArgs
Description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
EgressAclEntries []NetworkAclEgressAclEntryArgs
IngressAclEntries []NetworkAclIngressAclEntryArgs
NetworkAclId string: Network ACL ID.
NetworkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
ProjectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
Resources []NetworkAclResourceArgs
Status string: Status of the network ACL. Available: Available. Creating: Creating.
Tags []NetworkAclTagArgs
UpdatedTime string: Last updated time of the network ACL.
VpcId string: ID of the VPC associated with the network ACL.

createdTime String: Creation time of the network ACL.
defaultEgressAclEntries List<NetworkAclDefaultEgressAclEntry>
defaultIngressAclEntries List<NetworkAclDefaultIngressAclEntry>
description String: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries List<NetworkAclEgressAclEntry>
ingressAclEntries List<NetworkAclIngressAclEntry>
networkAclId String: Network ACL ID.
networkAclName String: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName String: Name of the project associated with the network ACL. If not specified, added to the default project.
resources List<NetworkAclResource>
status String: Status of the network ACL. Available: Available. Creating: Creating.
tags List<NetworkAclTag>
updatedTime String: Last updated time of the network ACL.
vpcId String: ID of the VPC associated with the network ACL.

createdTime string: Creation time of the network ACL.
defaultEgressAclEntries NetworkAclDefaultEgressAclEntry[]
defaultIngressAclEntries NetworkAclDefaultIngressAclEntry[]
description string: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries NetworkAclEgressAclEntry[]
ingressAclEntries NetworkAclIngressAclEntry[]
networkAclId string: Network ACL ID.
networkAclName string: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName string: Name of the project associated with the network ACL. If not specified, added to the default project.
resources NetworkAclResource[]
status string: Status of the network ACL. Available: Available. Creating: Creating.
tags NetworkAclTag[]
updatedTime string: Last updated time of the network ACL.
vpcId string: ID of the VPC associated with the network ACL.

created_time str: Creation time of the network ACL.
default_egress_acl_entries Sequence[NetworkAclDefaultEgressAclEntryArgs]
default_ingress_acl_entries Sequence[NetworkAclDefaultIngressAclEntryArgs]
description str: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egress_acl_entries Sequence[NetworkAclEgressAclEntryArgs]
ingress_acl_entries Sequence[NetworkAclIngressAclEntryArgs]
network_acl_id str: Network ACL ID.
network_acl_name str: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
project_name str: Name of the project associated with the network ACL. If not specified, added to the default project.
resources Sequence[NetworkAclResourceArgs]
status str: Status of the network ACL. Available: Available. Creating: Creating.
tags Sequence[NetworkAclTagArgs]
updated_time str: Last updated time of the network ACL.
vpc_id str: ID of the VPC associated with the network ACL.

createdTime String: Creation time of the network ACL.
defaultEgressAclEntries List<Property Map>
defaultIngressAclEntries List<Property Map>
description String: Network ACL description. Length must be 0–255 characters. Must start with a letter, Chinese character, or number. Can include English commas (,), periods (.), underscores (_), spaces ( ), equals signs (=), hyphens (-), Chinese commas (，), and Chinese periods (。).
egressAclEntries List<Property Map>
ingressAclEntries List<Property Map>
networkAclId String: Network ACL ID.
networkAclName String: Network ACL name. Length must be 1–128 characters. Must start with a letter, Chinese character, or number, and can include periods (.), underscores (_), and hyphens (-).
projectName String: Name of the project associated with the network ACL. If not specified, added to the default project.
resources List<Property Map>
status String: Status of the network ACL. Available: Available. Creating: Creating.
tags List<Property Map>
updatedTime String: Last updated time of the network ACL.
vpcId String: ID of the VPC associated with the network ACL.

Supporting Types

NetworkAclDefaultEgressAclEntry, NetworkAclDefaultEgressAclEntryArgs

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryId string: Rule ID.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryId string: Rule ID.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryId String: Rule ID.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority Integer: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description string: Rule description.
networkAclEntryId string: Rule ID.
networkAclEntryName string: Rule name.
policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority number: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidr_ip str: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description str: Rule description.
network_acl_entry_id str: Rule ID.
network_acl_entry_name str: Rule name.
policy str: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port str: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol str: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryId String: Rule ID.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority Number: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

NetworkAclDefaultIngressAclEntry, NetworkAclDefaultIngressAclEntryArgs

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryId string: Rule ID.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryId string: Rule ID.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryId String: Rule ID.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority Integer: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description string: Rule description.
networkAclEntryId string: Rule ID.
networkAclEntryName string: Rule name.
policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority number: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidr_ip str: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description str: Rule description.
network_acl_entry_id str: Rule ID.
network_acl_entry_name str: Rule name.
policy str: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port str: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority int: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol str: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryId String: Rule ID.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
priority Number: Priority of direction rules. Lower numbers indicate higher priority. Default value if not specified: 1.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

NetworkAclEgressAclEntry, NetworkAclEgressAclEntryArgs

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description string: Rule description.
networkAclEntryName string: Rule name.
policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidr_ip str: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description str: Rule description.
network_acl_entry_name str: Rule name.
policy str: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port str: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol str: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

NetworkAclIngressAclEntry, NetworkAclIngressAclEntryArgs

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

CidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
Description string: Rule description.
NetworkAclEntryName string: Rule name.
Policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
Port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
Protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp string: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description string: Rule description.
networkAclEntryName string: Rule name.
policy string: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port string: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol string: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidr_ip str: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description str: Rule description.
network_acl_entry_name str: Rule name.
policy str: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port str: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol str: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

cidrIp String: For inbound rules, specifies the source address range. For outbound rules, specifies the destination address range. Supports CIDR and IPv4 address ranges. Default value: none.
description String: Rule description.
networkAclEntryName String: Rule name.
policy String: Authorization policy. accept: Allow access. drop: Deny access. No denial message is returned; the requester only experiences a timeout or similar connection failure.
port String: Destination port range for the rule. If the direction rule protocol is all, icmp, or gre, the port range is -1/-1, meaning no port restriction. If the protocol is tcp or udp, the port range is 1–65535, formatted as 1/200, 80/80, indicating ports 1 to 200, or port 80.
protocol String: Protocol type. tcp: TCP protocol. udp: UDP protocol. icmp: ICMP protocol. icmpv6: ICMPV6 protocol. gre: GRE protocol. all: Supports all protocols.

NetworkAclResource, NetworkAclResourceArgs

ResourceId string: Associated resource ID.

ResourceId string: Associated resource ID.

resourceId String: Associated resource ID.

resourceId string: Associated resource ID.

resource_id str: Associated resource ID.

resourceId String: Associated resource ID.

NetworkAclTag, NetworkAclTagArgs

Key string: User tag key.
Value string: User tag value.

Key string: User tag key.
Value string: User tag value.

key String: User tag key.
value String: User tag value.

key string: User tag key.
value string: User tag value.

key str: User tag key.
value str: User tag value.

key String: User tag key.
value String: User tag value.

Import

$ pulumi import volcenginecc:vpc/networkAcl:NetworkAcl example "network_acl_id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: volcenginecc volcengine/pulumi-volcenginecc
License: MPL-2.0
Notes: This Pulumi package is based on the volcenginecc Terraform Provider.

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

volcenginecc.vpc.NetworkAcl

On this page

On this page

Example Usage

Create NetworkAcl Resource

Constructor syntax

Parameters

Constructor example

NetworkAcl Resource Properties

Inputs

Outputs

Look up Existing NetworkAcl Resource

Supporting Types

NetworkAclDefaultEgressAclEntry, NetworkAclDefaultEgressAclEntryArgs

NetworkAclDefaultIngressAclEntry, NetworkAclDefaultIngressAclEntryArgs

NetworkAclEgressAclEntry, NetworkAclEgressAclEntryArgs

NetworkAclIngressAclEntry, NetworkAclIngressAclEntryArgs

NetworkAclResource, NetworkAclResourceArgs

NetworkAclTag, NetworkAclTagArgs

Import

Package Details

On this page

On this page