Network misconfigurations

Unused Network ACL

Risk Level

Informational (4)

A network access control list (ACL) operates as a firewall that regulates traffic in and out of one or more subnets in a virtual private cloud. A virtual private cloud (VPC) is a private virtual network in your AWS account that is logically isolated from other virtual networks in the AWS cloud. A VPC subnet is a subdivision of the VPC network with its own range of IP addresses. A network ACL is an optional layer of protection for your VPC subnets. It was found that the network ACL {AwsEc2NetworkAcl} is not associated with any subnet and is therefore unused.
  • Recommended Mitigation

    It is recommended to delete any unused network ACL in order to follow AWS best practices. For more information, please see
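One way to detect this finding across a region, as an added example that is not part of this page: the check below walks the DescribeNetworkAcls result and reports custom ACLs with no subnet associations, skipping the VPC default ACL (which cannot be deleted). It assumes the input list has the shape boto3's ec2.describe_network_acls() returns; the sample data is constructed.

```python
"""Flag unused (unassociated) network ACLs from EC2 DescribeNetworkAcls data.

Assumption: the input is the "NetworkAcls" list in the shape returned by
boto3's ec2.describe_network_acls(). The sample below is constructed.
"""
from typing import Iterable


def find_unused_network_acls(network_acls: Iterable[dict]) -> list[str]:
    """Return IDs of custom network ACLs that are not associated with any subnet.

    An ACL is unused when its Associations list is empty. The VPC's default
    network ACL is skipped: it cannot be deleted, and AWS re-associates it with
    any subnet whose explicit association is removed.
    """
    unused = []
    for acl in network_acls:
        if acl.get("IsDefault"):
            continue
        if not acl.get("Associations"):
            unused.append(acl["NetworkAclId"])
    return unused


def fetch_network_acls(region_name: str) -> list[dict]:
    """Pull every network ACL in a region with pagination (needs boto3 and credentials)."""
    import boto3  # imported here so the detection logic runs without the SDK installed

    ec2 = boto3.client("ec2", region_name=region_name)
    acls: list[dict] = []
    for page in ec2.get_paginator("describe_network_acls").paginate():
        acls.extend(page["NetworkAcls"])
    return acls


# Constructed sample in the DescribeNetworkAcls response shape (IDs are made up).
SAMPLE_NETWORK_ACLS = [
    {"NetworkAclId": "acl-0default0000000", "VpcId": "vpc-0example",
     "IsDefault": True, "Associations": []},
    {"NetworkAclId": "acl-0used00000000000", "VpcId": "vpc-0example",
     "IsDefault": False,
     "Associations": [{"NetworkAclAssociationId": "aclassoc-0a",
                       "NetworkAclId": "acl-0used00000000000", "SubnetId": "subnet-0a"}]},
    {"NetworkAclId": "acl-0unused000000000", "VpcId": "vpc-0example",
     "IsDefault": False, "Associations": []},
]

if __name__ == "__main__":
    # Swap SAMPLE_NETWORK_ACLS for fetch_network_acls("us-east-1") to scan a live account.
    for acl_id in find_unused_network_acls(SAMPLE_NETWORK_ACLS):
        print(f"unused network ACL: {acl_id}")
```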