AWS::EC2::NetworkAclEntry:

Properties:
  CidrBlock: "\"172.16.0.0/24\""
  Egress: "\"true|false\""
  Icmp: |
    { "Code" => "-1|Integer", "Type" => "-1|Integer|http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml"}
  NetworkAclId: "\"String\""
  PortRange: |
    { "From" => "Integer", "To" => "Integer" }
  Protocol: "\"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\""
  RuleAction: "\"allow|deny\""
  RuleNumber: 100