# Use `DescribeNetworkAcls` with a CLI The following code examples show how to use `DescribeNetworkAcls`. ------ #### [ CLI ] **AWS CLI** **To describe your network ACLs** The following `describe-network-acls` example retrieves details about your network ACLs. ``` aws ec2 describe-network-acls ``` Output: ``` { "NetworkAcls": [ { "Associations": [ { "NetworkAclAssociationId": "aclassoc-0c1679dc41EXAMPLE", "NetworkAclId": "acl-0ea1f54ca7EXAMPLE", "SubnetId": "subnet-0931fc2fa5EXAMPLE" } ], "Entries": [ { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 } ], "IsDefault": true, "NetworkAclId": "acl-0ea1f54ca7EXAMPLE", "Tags": [], "VpcId": "vpc-06e4ab6c6cEXAMPLE", "OwnerId": "111122223333" }, { "Associations": [], "Entries": [ { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "Egress": true, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 101 }, { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "Egress": true, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32768 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "Egress": false, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 101 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "Egress": false, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32768 } ], "IsDefault": true, "NetworkAclId": "acl-0e2a78e4e2EXAMPLE", "Tags": [], "VpcId": "vpc-03914afb3eEXAMPLE", "OwnerId": "111122223333" } ] } ``` For more information, see [Network ACLs](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) in the *AWS VPC User Guide*. + For API details, see [DescribeNetworkAcls](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-network-acls.html) in *AWS CLI Command Reference*. ------ #### [ PowerShell ] **Tools for PowerShell V4** **Example 1: This example describes the specified network ACL.** ``` Get-EC2NetworkAcl -NetworkAclId acl-12345678 ``` **Output:** ``` Associations : {aclassoc-1a2b3c4d} Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry} IsDefault : False NetworkAclId : acl-12345678 Tags : {Name} VpcId : vpc-12345678 ``` **Example 2: This example describes the rules for the specified network ACL.** ``` (Get-EC2NetworkAcl -NetworkAclId acl-12345678).Entries ``` **Output:** ``` CidrBlock : 0.0.0.0/0 Egress : True IcmpTypeCode : PortRange : Protocol : -1 RuleAction : deny RuleNumber : 32767 CidrBlock : 0.0.0.0/0 Egress : False IcmpTypeCode : PortRange : Protocol : -1 RuleAction : deny RuleNumber : 32767 ``` **Example 3: This example describes all your network ACLs.** ``` Get-EC2NetworkAcl ``` + For API details, see [DescribeNetworkAcls](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*. **Tools for PowerShell V5** **Example 1: This example describes the specified network ACL.** ``` Get-EC2NetworkAcl -NetworkAclId acl-12345678 ``` **Output:** ``` Associations : {aclassoc-1a2b3c4d} Entries : {Amazon.EC2.Model.NetworkAclEntry, Amazon.EC2.Model.NetworkAclEntry} IsDefault : False NetworkAclId : acl-12345678 Tags : {Name} VpcId : vpc-12345678 ``` **Example 2: This example describes the rules for the specified network ACL.** ``` (Get-EC2NetworkAcl -NetworkAclId acl-12345678).Entries ``` **Output:** ``` CidrBlock : 0.0.0.0/0 Egress : True IcmpTypeCode : PortRange : Protocol : -1 RuleAction : deny RuleNumber : 32767 CidrBlock : 0.0.0.0/0 Egress : False IcmpTypeCode : PortRange : Protocol : -1 RuleAction : deny RuleNumber : 32767 ``` **Example 3: This example describes all your network ACLs.** ``` Get-EC2NetworkAcl ``` + For API details, see [DescribeNetworkAcls](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*. ------ For a complete list of AWS SDK developer guides and code examples, see [Create Amazon EC2 resources using an AWS SDK](sdk-general-information-section.md). This topic also includes information about getting started and details about previous SDK versions.