diff --git a/upi/aws/cloudformation/01_vpc.yaml b/upi/aws/cloudformation/01_vpc.yaml
index 57428465600..de55a49b2fc 100644
--- a/upi/aws/cloudformation/01_vpc.yaml
+++ b/upi/aws/cloudformation/01_vpc.yaml
@@ -115,87 +115,6 @@ Resources:
 Properties:
 SubnetId: !Ref PublicSubnet3
 RouteTableId: !Ref PublicRouteTable
- PublicNetworkAcl:
- Type: "AWS::EC2::NetworkAcl"
- Properties:
- VpcId: !Ref VPC
- InboundHTTPPublicNetworkAclEntry:
- Type: "AWS::EC2::NetworkAclEntry"
- Properties:
- NetworkAclId: !Ref PublicNetworkAcl
- RuleNumber: "100"
- Protocol: "6"
- RuleAction: allow
- Egress: "false"
- CidrBlock: 0.0.0.0/0
- PortRange:
- From: "80"
- To: "80"
- InboundHTTPSPublicNetworkAclEntry:
- Type: "AWS::EC2::NetworkAclEntry"
- Properties:
- NetworkAclId: !Ref PublicNetworkAcl
- RuleNumber: "101"
- Protocol: "6"
- RuleAction: allow
- Egress: "false"
- CidrBlock: 0.0.0.0/0
- PortRange:
- From: "443"
- To: "443"
- InboundSSHPublicNetworkAclEntry:
- Type: "AWS::EC2::NetworkAclEntry"
- Properties:
- NetworkAclId: !Ref PublicNetworkAcl
- RuleNumber: "102"
- Protocol: "6"
- RuleAction: allow
- Egress: "false"
- CidrBlock: 0.0.0.0/0
- PortRange:
- From: "22"
- To: "22"
- InboundEphemeralPublicNetworkAclEntry:
- Type: "AWS::EC2::NetworkAclEntry"
- Properties:
- NetworkAclId: !Ref PublicNetworkAcl
- RuleNumber: "103"
- Protocol: "6"
- RuleAction: allow
- Egress: "false"
- CidrBlock: 0.0.0.0/0
- PortRange:
- From: "1024"
- To: "65535"
- OutboundPublicNetworkAclEntry:
- Type: "AWS::EC2::NetworkAclEntry"
- Properties:
- NetworkAclId: !Ref PublicNetworkAcl
- RuleNumber: "100"
- Protocol: "6"
- RuleAction: allow
- Egress: "true"
- CidrBlock: 0.0.0.0/0
- PortRange:
- From: "0"
- To: "65535"
- PublicSubnetNetworkAclAssociation:
- Type: "AWS::EC2::SubnetNetworkAclAssociation"
- Properties:
- SubnetId: !Ref PublicSubnet
- NetworkAclId: !Ref PublicNetworkAcl
- PublicSubnetNetworkAclAssociation2:
- Type: "AWS::EC2::SubnetNetworkAclAssociation"
- Condition: DoAz2
- Properties:
- SubnetId: !Ref PublicSubnet2
- NetworkAclId: !Ref PublicNetworkAcl
- PublicSubnetNetworkAclAssociation3:
- Type: "AWS::EC2::SubnetNetworkAclAssociation"
- Condition: DoAz3
- Properties:
- SubnetId: !Ref PublicSubnet3
- NetworkAclId: !Ref PublicNetworkAcl
 PrivateSubnet:
 Type: "AWS::EC2::Subnet"
 Properties: