Support modifying the association of a subnet with a network ACL

[wandrew26]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

In case you have some additional ACLs (which isn't set as the default ACL) and you create a new subnet, you have no possibility to define which ACL should be used. It will use the default ACL as standard.
Currently there is no way to modify the default ACL association of a subnet.
I think we could create an aws_subnet_network_acl_association resource to solve this problem.
Only parameters needed are subnet_id and network_acl_id.
We could get the current associated ACL with "DescribeNetworkAcls" API call filtering for the subnet id. To replace it with the new ACL id the API call "ReplaceNetworkAclAssociation" should be used.

New or Affected Resource(s)

• aws_subnet_network_acl_association

Potential Terraform Configuration

resource "aws_subnet" "public" {
  #...
}

resource "aws_network_acl" "public" {
  #...
}

resource "aws_subnet_network_acl_association" "this" {
  subnet_id      = aws_subnet.public.id
  network_acl_id = aws_network_acl.public.id
}

References

• https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html
• https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceNetworkAclAssociation.html
• Add support for aws_subnet_network_acl_association #5466

[github-actions]

This functionality has been released in v4.0.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.