scaleway
diff --git a/‎docs/resources/vpc_acl.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/resources/vpc_acl.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎internal/services/vpc/acl.go‎
Lines changed: 4 additions & 3 deletions b/‎internal/services/vpc/acl.go‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎internal/services/vpc/acl_test.go‎
Lines changed: 30 additions & 0 deletions b/‎internal/services/vpc/acl_test.go‎
Lines changed: 30 additions & 0 deletions
@@ -39,7 +39,7 @@ resource "scaleway_vpc_acl" "acl01" {
 The following arguments are supported:
 
 - `vpc_id` - (Required) The VPC ID the ACL belongs to.
-- `default_policy` - (Required) The action to take for packets which do not match any rules.
+- `default_policy` - (Optional, Defaults to `accept) The action to take for packets which do not match any rules.
 - `is_ipv6` - (Optional) Defines whether this set of ACL rules is for IPv6 (false = IPv4). Each Network ACL can have rules for only one IP type.
 - `rules` - (Optional) The list of Network ACL rules.
     - `protocol` - (Optional) The protocol to which this rule applies. Default value: ANY.
 
@@ -31,7 +31,8 @@ func ResourceACL() *schema.Resource {
 			},
 			"default_policy": {
 				Type:             schema.TypeString,
-				Required:         true,
+				Optional:         true,
+				Default:          vpc.ActionAccept,
 				Description:      "The action to take for packets which do not match any rules",
 				ValidateDiagFunc: verify.ValidateEnum[vpc.Action](),
 			},
@@ -43,7 +44,7 @@ func ResourceACL() *schema.Resource {
 			},
 			"rules": {
 				Type:        schema.TypeList,
-				Required:    true,
+				Optional:    true,
 				Description: "The list of Network ACL rules",
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
@@ -201,7 +202,7 @@ func ResourceVPCACLDelete(ctx context.Context, d *schema.ResourceData, m any) di
 	_, err = vpcAPI.SetACL(&vpc.SetACLRequest{
 		VpcID:         locality.ExpandID(ID),
 		Region:        region,
-		DefaultPolicy: "drop",
+		DefaultPolicy: vpc.ActionAccept,
 	}, scw.WithContext(ctx))
 	if err != nil {
 		return diag.FromErr(err)
 
@@ -13,6 +13,36 @@ import (
 )
 
 func TestAccACL_Basic(t *testing.T) {
+	tt := acctest.NewTestTools(t)
+	defer tt.Cleanup()
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { acctest.PreCheck(t) },
+		ProviderFactories: tt.ProviderFactories,
+		CheckDestroy:      isACLDestroyed(tt),
+		Steps: []resource.TestStep{
+			{
+				Config: `
+					resource "scaleway_vpc" "vpc01" {
+					  name = "tf-vpc-acl-basic"
+					}
+					
+					resource "scaleway_vpc_acl" "acl01" {
+					  vpc_id   = scaleway_vpc.vpc01.id
+					  is_ipv6  = false
+					}
+				`,
+				Check: resource.ComposeTestCheckFunc(
+					isACLPresent(tt, "scaleway_vpc_acl.acl01"),
+					resource.TestCheckResourceAttrPair("scaleway_vpc_acl.acl01", "vpc_id", "scaleway_vpc.vpc01", "id"),
+					resource.TestCheckResourceAttr("scaleway_vpc_acl.acl01", "is_ipv6", "false"),
+					resource.TestCheckResourceAttr("scaleway_vpc_acl.acl01", "default_policy", "accept"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccACL_WithRules(t *testing.T) {
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
 	resource.ParallelTest(t, resource.TestCase{