Allied Telesis Support Portal

Why can't I add ACL's to all my switch interfaces?

In AW+ switches, poorly configured, unnecessary, or redundant access lists can exhaust a switch's silicon hardware resources.  Hardware ACLs (type "hardware", or numbered 3000-3699 or 4000-4699) are applied in the switch silicon to physical ports, whereas standard and extended ACLs are applied in software at the CPU.  Hardware ACLs therefore operate more efficiently, because they do not consume software-managed CPU resources.  However, the switch processor has hardware limits that cap the amount of this kind of hardware-based filtering that can be done.

If you cannot apply a configured hardware ACL to a switchport, and you see errors such as:

% Failed to attach ACL {name or number} to port1.0.16

HSL: ERROR: Insufficient space in Field Processor to add ACL

DHCPSN[<pid>]: Insufficient space in the HW packet classifier table

or configured ACLs are "disappearing" from switchport configurations after a reboot, then you have likely reached these hardware limits.

Enter the command:
sho platform classifier statistics utilization brief

The output shows numerical values for the used and available resources for classifying traffic in hardware.

TOP#sho platform classifier statistics utilization brief

Stack member 1:

[Instance 4]
  Number of Entries:
  Policy Type      Group ID   Used / Total
  ----------------------------------------------
  ACL              1476395010    244 /  246 (  99%)
  DoS              Inactive      0 /    0 (  0%)
  VLAN Counter
   Group-Octet     Inactive      0 /    0 (  0%)
   Group-Packet    Inactive      0 /    0 (  0%)
  QoS                            0 /  768 (  0%)

Stack member 2:

[Instance 8]
  Number of Entries:
  Policy Type      Group ID   Used / Total
  ----------------------------------------------
  ACL              1476395010    0 /  246 (  0%)
  DoS              Inactive      0 /    0 (  0%)
  VLAN Counter
   Group-Octet     Inactive      0 /    0 (  0%)
   Group-Packet    Inactive      0 /    0 (  0%)
  QoS                            0 /  768 (  0%)
TOP#

If you see a line like the ACL entry for stack member 1 above (244 of 246 entries used, 99%), the switch is out of silicon resources for that particular type of classifier.  The numerical value does not necessarily represent a one-to-one relationship with the number of ACLs, lines of configuration, etc.  The example above does not mean that there are 244 configured ACLs, or 244 lines of ACL-related configuration.  Different ACLs use differing volumes of hardware entries (resources) depending on how they are configured.
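To check this condition across a stack without reading the table by hand, the following added example (not part of this article or of the AW+ software) parses the output of "show platform classifier statistics utilization brief" and reports any classifier group at or above a chosen percentage of its hardware entries. The sample text is constructed from the output shown above; the 90% threshold is an assumed default.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample, copied from the article's output above (stack member 2
# trimmed to its ACL and QoS rows). Real output may also carry a prompt line.
SAMPLE_OUTPUT = """\
Stack member 1:

[Instance 4]
  Number of Entries:
  Policy Type      Group ID   Used / Total
  ----------------------------------------------
  ACL              1476395010    244 /  246 (  99%)
  DoS              Inactive      0 /    0 (  0%)
  VLAN Counter
   Group-Octet     Inactive      0 /    0 (  0%)
   Group-Packet    Inactive      0 /    0 (  0%)
  QoS                            0 /  768 (  0%)

Stack member 2:

[Instance 8]
  ACL              1476395010    0 /  246 (  0%)
  QoS                            0 /  768 (  0%)
"""

MEMBER_RE = re.compile(r"^Stack member (\d+):")
# policy name, optional group ID (number or "Inactive"), used / total ( pct% )
ROW_RE = re.compile(
    r"^\s*([A-Za-z][A-Za-z-]*)\s+(?:(\d+|Inactive)\s+)?(\d+)\s*/\s*(\d+)\s*\(\s*(\d+)%\)"
)


def parse_utilization(text: str) -> Dict[int, Dict[str, Tuple[int, int, int]]]:
    """Map stack member -> policy type -> (used, total, percent)."""
    result: Dict[int, Dict[str, Tuple[int, int, int]]] = {}
    member = None
    for line in text.splitlines():
        m = MEMBER_RE.match(line)
        if m:
            member = int(m.group(1))
            result[member] = {}
            continue
        r = ROW_RE.match(line)
        if r and member is not None:
            name, _group, used, total, pct = r.groups()
            result[member][name] = (int(used), int(total), int(pct))
    return result


def near_capacity(text: str, threshold: int = 90) -> List[Tuple[int, str, int, int]]:
    """(member, policy, used, total) for active groups at/above threshold percent.
    Inactive groups (total 0) are skipped: they have no entries to exhaust."""
    hits = []
    for member, rows in sorted(parse_utilization(text).items()):
        for name, (used, total, pct) in rows.items():
            if total and pct >= threshold:
                hits.append((member, name, used, total))
    return hits
```

Run it against the saved output of the command on each switch; any group it reports is a candidate for the attach failures described above.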

Verify that your ACLs are truly needed and are applied only to the necessary interfaces.  One of the best ways to work around this type of issue is to use QoS "service-policy input" (policy maps) instead of hardware ACLs.  Service policies are processed in software at the CPU, so they use no hardware resources.