Updated on 2025-03-31 GMT+08:00

Creating a Network ACL Dedicated for CloudDCN Subnets

Scenarios

A network ACL protects all the instances in the associated CloudDCN subnets. You can create a network ACL by referring to this section.

Procedure

  1. Go to the network ACL list page.
  2. In the upper right corner of the Network ACL list, click Create Network ACL.
  3. Set the parameters as prompted.
    Table 1 Parameters for configuring a network ACL dedicated for CloudDCN subnets

    | Parameter | Description | Example Value |
    |---|---|---|
    | Region | Mandatory. A network ACL can only be associated with the CloudDCN subnets in the same region. | - |
    | Name | Mandatory. The name of the network ACL. The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | fw-A |
    | Type | Mandatory. There are two options: General (the network ACL can be associated with general subnets) and CloudDCN (the network ACL can be associated with CloudDCN subnets). | CloudDCN |
    | Description | Supplementary information about the network ACL. This parameter is optional. The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | N/A |

  4. Click Create Now.
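
The constraints in Table 1 can be checked before the form is submitted, for example when ACL definitions are kept in a change plan. The script below is an added example, not code from the service or its documentation. It assumes that "letters" means ASCII letters and that an ACL of one type cannot be associated with subnets of the other type; the Subnet record, the check_acl_plan function and the region names are hypothetical.

```python
import re
from dataclasses import dataclass

# Assumption: "letters" in Table 1 is read as ASCII letters.
NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")
ACL_TYPES = {"General", "CloudDCN"}


@dataclass
class Subnet:  # hypothetical planning record, not a provider API object
    name: str
    region: str
    kind: str  # "General" or "CloudDCN"


def check_acl_plan(region, name, acl_type, description="", subnets=()):
    """Return a list of violations of the Table 1 constraints (empty = OK)."""
    problems = []
    if not region:
        problems.append("Region is mandatory")
    if not name:
        problems.append("Name is mandatory")
    elif len(name) > 64:
        problems.append("Name exceeds 64 characters")
    elif not NAME_RE.fullmatch(name):
        problems.append("Name has characters other than letters, digits, _ - .")
    if acl_type not in ACL_TYPES:
        problems.append("Type must be General or CloudDCN")
    if len(description) > 255:
        problems.append("Description exceeds 255 characters")
    if "<" in description or ">" in description:
        problems.append("Description contains angle brackets")
    # An ACL only protects subnets it can be associated with: same region, same type.
    for s in subnets:
        if s.region != region:
            problems.append(f"{s.name}: subnet region {s.region} differs from ACL region {region}")
        if s.kind != acl_type:
            problems.append(f"{s.name}: {s.kind} subnet cannot use a {acl_type} network ACL")
    return problems


if __name__ == "__main__":
    # Constructed sample plan; region and subnet names are placeholders.
    plan = [Subnet("dcn-subnet-1", "region-a", "CloudDCN"),
            Subnet("dcn-subnet-2", "region-b", "CloudDCN")]
    for line in check_acl_plan("region-a", "fw-A", "General", "edge <test>", plan):
        print("FAIL:", line)
```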

Follow-up Operations

  1. A network ACL comes with default inbound and outbound rules that deny all traffic in and out of associated CloudDCN subnets. You can add custom rules to allow traffic by referring to Adding Network ACL Rules for CloudDCN Subnets. Traffic will preferentially match the custom rules.
  2. You can associate the network ACL with one or more CloudDCN subnets by referring to Associating CloudDCN Subnets with a Network ACL. If the network ACL is enabled, it controls traffic in and out of the associated subnets.