:doc:`EC2 <../../ec2>` / Paginator / DescribeNetworkAcls

*******************
DescribeNetworkAcls
*******************



.. py:class:: EC2.Paginator.DescribeNetworkAcls

  ::

    
    paginator = client.get_paginator('describe_network_acls')

  
  

  .. py:method:: paginate(**kwargs)

    Creates an iterator that will paginate through responses from :py:meth:`EC2.Client.describe_network_acls`.

    See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeNetworkAcls>`_    


    **Request Syntax**
    ::

      response_iterator = paginator.paginate(
          DryRun=True|False,
          NetworkAclIds=[
              'string',
          ],
          Filters=[
              {
                  'Name': 'string',
                  'Values': [
                      'string',
                  ]
              },
          ],
          PaginationConfig={
              'MaxItems': 123,
              'PageSize': 123,
              'StartingToken': 'string'
          }
      )
      
    :type DryRun: boolean
    :param DryRun: 

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ``DryRunOperation``. Otherwise, it is ``UnauthorizedOperation``.

      

    
    :type NetworkAclIds: list
    :param NetworkAclIds: 

      The IDs of the network ACLs.

      

    
      - *(string) --* 

      
  
    :type Filters: list
    :param Filters: 

      The filters.

       

      
      * ``association.association-id`` - The ID of an association ID for the ACL.
       
      * ``association.network-acl-id`` - The ID of the network ACL involved in the association.
       
      * ``association.subnet-id`` - The ID of the subnet involved in the association.
       
      * ``default`` - Indicates whether the ACL is the default network ACL for the VPC.
       
      * ``entry.cidr`` - The IPv4 CIDR range specified in the entry.
       
      * ``entry.icmp.code`` - The ICMP code specified in the entry, if any.
       
      * ``entry.icmp.type`` - The ICMP type specified in the entry, if any.
       
      * ``entry.ipv6-cidr`` - The IPv6 CIDR range specified in the entry.
       
      * ``entry.port-range.from`` - The start of the port range specified in the entry.
       
      * ``entry.port-range.to`` - The end of the port range specified in the entry.
       
      * ``entry.protocol`` - The protocol specified in the entry ( ``tcp`` | ``udp`` | ``icmp`` or a protocol number).
       
      * ``entry.rule-action`` - Allows or denies the matching traffic ( ``allow`` | ``deny``).
       
      * ``entry.egress`` - A Boolean that indicates the type of rule. Specify ``true`` for egress rules, or ``false`` for ingress rules.
       
      * ``entry.rule-number`` - The number of an entry (in other words, rule) in the set of ACL entries.
       
      * ``network-acl-id`` - The ID of the network ACL.
       
      * ``owner-id`` - The ID of the Amazon Web Services account that owns the network ACL.
       
      * ``tag`` - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key ``Owner`` and the value ``TeamA``, specify ``tag:Owner`` for the filter name and ``TeamA`` for the filter value.
       
      * ``tag-key`` - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
       
      * ``vpc-id`` - The ID of the VPC for the network ACL.
      

      

    
      - *(dict) --* 

        A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

         

        If you specify multiple filters, the filters are joined with an ``AND``, and the request returns only results that match all of the specified filters.

         

        For more information, see `List and filter using the CLI and API <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI>`__ in the *Amazon EC2 User Guide*.

        

      
        - **Name** *(string) --* 

          The name of the filter. Filter names are case-sensitive.

          

        
        - **Values** *(list) --* 

          The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an ``OR``, and the request returns all results that match any of the specified values.

          

        
          - *(string) --* 

          
      
      
  
    :type PaginationConfig: dict
    :param PaginationConfig: 

      A dictionary that provides parameters to control pagination.

      

    
      - **MaxItems** *(integer) --* 

        The total number of items to return. If the total number of items available is more than the value specified in max-items then a ``NextToken`` will be provided in the output that you can use to resume pagination.

        

      
      - **PageSize** *(integer) --* 

        The size of each page.

        

      
      - **StartingToken** *(string) --* 

        A token to specify where to start paginating. This is the ``NextToken`` from a previous response.

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax**

      
      ::

        {
            'NetworkAcls': [
                {
                    'Associations': [
                        {
                            'NetworkAclAssociationId': 'string',
                            'NetworkAclId': 'string',
                            'SubnetId': 'string'
                        },
                    ],
                    'Entries': [
                        {
                            'CidrBlock': 'string',
                            'Egress': True|False,
                            'IcmpTypeCode': {
                                'Code': 123,
                                'Type': 123
                            },
                            'Ipv6CidrBlock': 'string',
                            'PortRange': {
                                'From': 123,
                                'To': 123
                            },
                            'Protocol': 'string',
                            'RuleAction': 'allow'|'deny',
                            'RuleNumber': 123
                        },
                    ],
                    'IsDefault': True|False,
                    'NetworkAclId': 'string',
                    'Tags': [
                        {
                            'Key': 'string',
                            'Value': 'string'
                        },
                    ],
                    'VpcId': 'string',
                    'OwnerId': 'string'
                },
            ],
            
        }
        
      **Response Structure**

      

      - *(dict) --* 
        

        - **NetworkAcls** *(list) --* 

          Information about the network ACLs.

          
          

          - *(dict) --* 

            Describes a network ACL.

            
            

            - **Associations** *(list) --* 

              Any associations between the network ACL and your subnets

              
              

              - *(dict) --* 

                Describes an association between a network ACL and a subnet.

                
                

                - **NetworkAclAssociationId** *(string) --* 

                  The ID of the association between a network ACL and a subnet.

                  
                

                - **NetworkAclId** *(string) --* 

                  The ID of the network ACL.

                  
                

                - **SubnetId** *(string) --* 

                  The ID of the subnet.

                  
            
          
            

            - **Entries** *(list) --* 

              The entries (rules) in the network ACL.

              
              

              - *(dict) --* 

                Describes an entry in a network ACL.

                
                

                - **CidrBlock** *(string) --* 

                  The IPv4 network range to allow or deny, in CIDR notation.

                  
                

                - **Egress** *(boolean) --* 

                  Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).

                  
                

                - **IcmpTypeCode** *(dict) --* 

                  ICMP protocol: The ICMP type and code.

                  
                  

                  - **Code** *(integer) --* 

                    The ICMP code. A value of -1 means all codes for the specified ICMP type.

                    
                  

                  - **Type** *(integer) --* 

                    The ICMP type. A value of -1 means all types.

                    
              
                

                - **Ipv6CidrBlock** *(string) --* 

                  The IPv6 network range to allow or deny, in CIDR notation.

                  
                

                - **PortRange** *(dict) --* 

                  TCP or UDP protocols: The range of ports the rule applies to.

                  
                  

                  - **From** *(integer) --* 

                    The first port in the range.

                    
                  

                  - **To** *(integer) --* 

                    The last port in the range.

                    
              
                

                - **Protocol** *(string) --* 

                  The protocol number. A value of "-1" means all protocols.

                  
                

                - **RuleAction** *(string) --* 

                  Indicates whether to allow or deny the traffic that matches the rule.

                  
                

                - **RuleNumber** *(integer) --* 

                  The rule number for the entry. ACL entries are processed in ascending order by rule number.

                  
            
          
            

            - **IsDefault** *(boolean) --* 

              Indicates whether this is the default network ACL for the VPC.

              
            

            - **NetworkAclId** *(string) --* 

              The ID of the network ACL.

              
            

            - **Tags** *(list) --* 

              Any tags assigned to the network ACL.

              
              

              - *(dict) --* 

                Describes a tag.

                
                

                - **Key** *(string) --* 

                  The key of the tag.

                   

                  Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with ``aws:``.

                  
                

                - **Value** *(string) --* 

                  The value of the tag.

                   

                  Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

                  
            
          
            

            - **VpcId** *(string) --* 

              The ID of the VPC for the network ACL.

              
            

            - **OwnerId** *(string) --* 

              The ID of the Amazon Web Services account that owns the network ACL.

              
        
      
    