---
title: Getting Started with Datadog
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog
---

# aws_network_acl{% #aws_network_acl %}

## `account_id`{% #account_id %}

**Type**: `STRING`

## `associations`{% #associations %}

**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `Associations`**Description**: Any associations between the network ACL and your subnets

- `network_acl_association_id`**Type**: `STRING`**Provider name**: `NetworkAclAssociationId`**Description**: The ID of the association between a network ACL and a subnet.
- `network_acl_id`**Type**: `STRING`**Provider name**: `NetworkAclId`**Description**: The ID of the network ACL.
- `subnet_id`**Type**: `STRING`**Provider name**: `SubnetId`**Description**: The ID of the subnet.

## `entries`{% #entries %}

**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `Entries`**Description**: The entries (rules) in the network ACL.

- `cidr_block`**Type**: `STRING`**Provider name**: `CidrBlock`**Description**: The IPv4 network range to allow or deny, in CIDR notation.
- `egress`**Type**: `BOOLEAN`**Provider name**: `Egress`**Description**: Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).
- `icmp_type_code`**Type**: `STRUCT`**Provider name**: `IcmpTypeCode`**Description**: ICMP protocol: The ICMP type and code.
  - `code`**Type**: `INT32`**Provider name**: `Code`**Description**: The ICMP code. A value of -1 means all codes for the specified ICMP type.
  - `type`**Type**: `INT32`**Provider name**: `Type`**Description**: The ICMP type. A value of -1 means all types.
- `ipv6_cidr_block`**Type**: `STRING`**Provider name**: `Ipv6CidrBlock`**Description**: The IPv6 network range to allow or deny, in CIDR notation.
- `port_range`**Type**: `STRUCT`**Provider name**: `PortRange`**Description**: TCP or UDP protocols: The range of ports the rule applies to.
  - `from`**Type**: `INT32`**Provider name**: `From`**Description**: The first port in the range.
  - `to`**Type**: `INT32`**Provider name**: `To`**Description**: The last port in the range.
- `protocol`**Type**: `STRING`**Provider name**: `Protocol`**Description**: The protocol number. A value of "-1" means all protocols.
- `rule_action`**Type**: `STRING`**Provider name**: `RuleAction`**Description**: Indicates whether to allow or deny the traffic that matches the rule.
- `rule_number`**Type**: `INT32`**Provider name**: `RuleNumber`**Description**: The rule number for the entry. ACL entries are processed in ascending order by rule number.

## `is_default`{% #is_default %}

**Type**: `BOOLEAN`**Provider name**: `IsDefault`**Description**: Indicates whether this is the default network ACL for the VPC.

## `network_acl_arn`{% #network_acl_arn %}

**Type**: `STRING`

## `network_acl_id`{% #network_acl_id %}

**Type**: `STRING`**Provider name**: `NetworkAclId`**Description**: The ID of the network ACL.

## `owner_id`{% #owner_id %}

**Type**: `STRING`**Provider name**: `OwnerId`**Description**: The ID of the Amazon Web Services account that owns the network ACL.

## `tags`{% #tags %}

**Type**: `UNORDERED_LIST_STRING`

## `vpc_id`{% #vpc_id %}

**Type**: `STRING`**Provider name**: `VpcId`**Description**: The ID of the VPC for the network ACL.