https://pulumi.com logo
#aws
Title
# aws
h

hallowed-fireman-90476

01/08/2024, 3:27 AM
#aws Does anyone tried to modify the existing rule of Network ACL. I tried few options but no luck. Referred below code snippet and got
NetworkAclEntryAlreadyExists
error
Copy code
import pulumi
import pulumi_aws as aws

# Replace these variables with appropriate values.
acl_id = "acl-abcdefgh"  # The ID of the Network ACL
rule_number = 100        # The number of the rule you want to replace

# Note: AWS does not allow modification of an existing NetworkAclEntry
# Therefore, you should first delete the existing one and then create a new one.
# This is an example of removing an ingress rule;
# for egress, you would set the `egress` parameter to True.

# Delete the existing Network ACL rule
existing_rule = aws.ec2.NetworkAclRule("existing-rule",
                                       network_acl_id=acl_id,
                                       rule_number=rule_number,
                                       egress=False,
                                       opts=pulumi.ResourceOptions(delete_before_replace=True))

# Create a new Network ACL rule
new_rule = aws.ec2.NetworkAclRule("new-rule",
                                  network_acl_id=acl_id,
                                  rule_number=rule_number, # This can be the same as the deleted rule if desired
                                  egress=False,
                                  protocol="tcp",         # Example for TCP; modify as needed
                                  from_port=80,           # Example port; modify as needed
                                  to_port=80,             # Example port; modify as needed
                                  rule_action="allow",    # Can be "allow" or "deny"
                                  cidr_block="0.0.0.0/0", # Modify with your CIDR block
                                  opts=pulumi.ResourceOptions(depends_on=[existing_rule]))

# Export the ID of the new Network ACL rule
pulumi.export('new_rule_id', new_rule.id)