AWS Network ACL - How does subnet association works?

Time:09-23

I have 100 IPs which need to be blocked using a Network ACL. As there is a limit of 20 rules (including the default asterisk rule) per ACL, I planned to create 7-8 ACLs to implement 100 rules. (According to AWS - Network ACL Quotas, 200 NACLs per VPC are allowed.)

However, as per Network ACL Basics, a subnet can be associated with only one NACL:

You can associate a network ACL with multiple subnets. However, a subnet can be associated with only one network ACL at a time. When you associate a network ACL with a subnet, the previous association is removed.

I am wondering, if only one ACL can be associated with a subnet at a time, what is the purpose of allowing 200 ACLs per VPC? Most likely I am missing some point.

My assumption is that a Network ACL will not work until it is associated with a subnet. Let me know if this assumption is not correct.

CodePudding user response:

I am wondering, if only one ACL can be associated with a subnet at a time, what is the purpose of allowing 200 ACLs per VPC?

You can also have up to 200 subnets per VPC.
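The practical consequence of the answer for the original problem: because a subnet carries exactly one NACL, splitting 100 deny rules across 7-8 NACLs does not help that subnet; the blocklist has to fit into one NACL (or be shortened). The following is an added example, not code from the question or the answer, that plans the deny entries for a single NACL. It assumes the default quota of 20 rules per NACL quoted in the question (the trailing "*" rule counts against it, so 19 are usable), aggregates the listed IPs into the fewest exact prefixes first, and numbers rules in steps of 100 as AWS recommends. The dictionary keys mirror the EC2 CreateNetworkAclEntry parameter names; the sample addresses at the bottom are constructed documentation ranges, not real data.

```python
"""Plan the deny entries of one network ACL for a blocklist of IPs.

Added example (not from the original post). Assumes the default quota of
20 rules per NACL, which includes the final "*" deny-all rule.
"""
import ipaddress

MAX_RULES_PER_NACL = 20            # default quota quoted in the question
USABLE_RULES = MAX_RULES_PER_NACL - 1   # reserve the trailing "*" rule


def collapse_blocklist(addresses):
    """Merge single IPs and prefixes into the fewest exact covering prefixes.

    ipaddress.collapse_addresses() only joins blocks that together form an
    aligned larger block; it never widens a prefix to cover an address that
    was not listed, so the result blocks exactly the requested addresses.
    """
    nets = [ipaddress.ip_network(a, strict=False) for a in addresses]
    return list(ipaddress.collapse_addresses(nets))


def deny_entries(cidrs, start=100, step=100, egress=False):
    """Ordered NACL entries denying all protocols from each prefix.

    NACL rules are evaluated lowest number first, so these must sit below
    any allow rule (e.g. a 0.0.0.0/0 allow) that would match the same traffic.
    """
    return [
        {
            "RuleNumber": start + i * step,
            "Protocol": "-1",          # -1 means all protocols
            "RuleAction": "deny",
            "Egress": egress,          # False = inbound rule
            "CidrBlock": str(cidr),
        }
        for i, cidr in enumerate(cidrs)
    ]


def plan_subnet_blocklist(addresses, max_rules=MAX_RULES_PER_NACL):
    """Return the deny entries for the single NACL a subnet can carry.

    Returns None when the aggregated blocklist still needs more than
    max_rules - 1 entries: creating a second NACL does not help, because
    associating it with the subnet would replace the first one.
    """
    cidrs = collapse_blocklist(addresses)
    if len(cidrs) > max_rules - 1:
        return None
    return deny_entries(cidrs)


if __name__ == "__main__":
    # Constructed sample: 16 consecutive addresses (one /28) plus one stray host.
    sample = ["203.0.113.%d" % i for i in range(16)] + ["198.51.100.7"]
    for entry in plan_subnet_blocklist(sample):
        print(entry)

    # Constructed sample: 100 non-adjacent hosts cannot be aggregated.
    scattered = ["203.0.113.%d" % (2 * i) for i in range(100)]
    print("fits in one NACL:", plan_subnet_blocklist(scattered) is not None)
```

If `plan_subnet_blocklist` returns None, the remaining options are to aggregate the blocklist further, request a higher rule quota for the NACL, or move the filtering to a layer that is not bound by the per-NACL rule count; adding more NACLs to the same subnet is not one of them.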
