I'm trying to get hold of all NACLs that do not have the word "public" in the value of the tag called Name.
I can see on this page https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html that it is possible to carry out an inverse search.
However, everything I'm trying is failing.
For example, I declare the object and the tag:
$inverseNameFilter = new-object Amazon.EC2.Model.Filter
$inverseNameFilter.name = 'tag:Name'
And then these are the results I receive, for various methods I've tried:
$inverseNameFilter.Value = '!public'
(Get-EC2NetworkAcl -region $region -filter $inverseNameFilter).count
result: 0
$inverseNameFilter.Value = '!*public*'
(Get-EC2NetworkAcl -region $region -filter $inverseNameFilter).count
result: 0
$inverseNameFilter.Value = '*public*'
(Get-EC2NetworkAcl -region $region -filter $inverseNameFilter).count
result: 3 (So there are clearly three NACLs with Name tags containing public)
(Get-EC2NetworkAcl -region $region).count
result: 18 (so there are clearly 18 NACLs in this region)
How do I carry out an inverse search to find the 15 NACLs that do not contain the word "public"?
It looks like the filter doesn't actually support negation (see comment by Mathias R. Jessen)
However, I've found a way to exclude the results using this PowerShell filtering rather than AWS filtering. It means the processing occurs at the client rather than at AWS, but gives me sufficient results:
(Get-EC2NetworkAcl -region $region | Where-Object -FilterScript { ([string]$_.tags.Value) -notmatch "public"}).count
15