Confused by the wording on aws_default_network_acl


I’m trying to update the default ACL of a VPC in AWS. And I’m a bit confused by the “scary” words used in the doc (for reference: Terraform Registry)


The doc also mentions the ability to import this resource (with a new enough version of the AWS provider).

Since this VPC is taking live traffic, I obviously don’t want to mess this up.
My understanding is that by importing this resource, I should be able to “adopt” this default acl in terraform without actually deleting any of the egress/ingress rules. And then update them after the fact.

Is this safe? Or should I be doing something else?
Thanks for the help!