NetworkACLEntry - Amazon FinSpace

Amazon FinSpace Dataset Browser will be discontinued on November 29, 2024. Starting November 29, 2023, FinSpace will no longer accept the creation of new Dataset Browser environments. Customers using Amazon FinSpace with Managed Kdb Insights will not be affected. For more information, review the FAQ or contact AWS Support to assist with your transition.


The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.



In the following list, the required parameters are described first.


The IPv4 network range to allow or deny, in CIDR notation. For example, We modify the specified CIDR block to its canonical form. For example, if you specify, we modify it to

Type: String

Length Constraints: Minimum length of 1. Maximum length of 18.

Pattern: ^(?:\d{1,3}\.){3}\d{1,3}(?:\/(?:3[0-2]|[12]\d|\d))$

Required: Yes


The protocol number. A value of -1 means all the protocols.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 5.

Pattern: ^-1|[0-9]+$

Required: Yes


Indicates whether to allow or deny the traffic that matches the rule.

Type: String

Valid Values: allow | deny

Required: Yes


The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 32766.

Required: Yes


Defines the ICMP protocol that consists of the ICMP type and code.

Type: IcmpTypeCode object

Required: No


The range of ports the rule applies to.

Type: PortRange object

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: