resource "aws_network_acl" "main" { vpc_id = "${aws_vpc.vpc.id}" egress { protocol = "tcp" rule_no = 100 action = "allow" cidr_block = "0.0.0.0/0" from_port = 1024 to_port = 65535 } egress { protocol = "tcp" rule_no = 200 action = "allow" cidr_block = "0.0.0.0/0" from_port = 80 to_port = 80 } ingress { protocol = "tcp" rule_no = 100 action = "allow" cidr_block = "0.0.0.0/0" from_port = 80 to_port = 80 } ingress { protocol = "tcp" rule_no = 200 action = "allow" cidr_block = "0.0.0.0/0" from_port = 32768 to_port = 61000 } subnet_ids = ["${aws_subnet.public_subnet_a.id}"] tags { Name = "demo" } }