![[VPC] What is a Network ACL?](https://aws.darcy-it.com/wp-content/uploads/2021/03/2021-05-21_17h26_32.png)
An ACL is an access control list.
[VPC] What is a Network ACL?

Features
A Network Access Control List (ACL) is an optional layer of security for a VPC that acts as a firewall to control inbound and outbound traffic on one or more subnets. To add an additional layer of security to the VPC, a network ACL can be set up with rules similar to those for security groups.

Network ACLs can also control traffic, but they are applied to subnets, whereas security groups are set on instances such as EC2. It is appropriate to use security groups to control traffic between servers.

Network ACLs are stateless: return traffic is not allowed automatically, so the rules for the return traffic must be considered as well.

Network ACL rules are evaluated from the lowest rule number to the highest, and as soon as a matching allow or deny rule is found, it is applied.
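As an added illustration of the two points above (the lowest-numbered matching rule wins, and because the ACL is stateless the reply must itself pass the outbound rules), here is a small Python model of network ACL evaluation. It is not code from the original post; the rule sets, addresses and port numbers are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class NaclRule:
    number: int       # rule number; the lowest number is evaluated first
    protocol: str     # "tcp", "udp", or "-1" meaning all protocols
    cidr: str         # source CIDR (inbound) or destination CIDR (outbound)
    port_from: int
    port_to: int
    action: str       # "allow" or "deny"

def evaluate(rules, protocol, addr, port):
    """First matching rule in ascending rule-number order decides; if nothing
    matches, the implicit final '*' rule applies, which denies."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("-1", protocol):
            continue
        if ip_address(addr) not in ip_network(rule.cidr):
            continue
        if not rule.port_from <= port <= rule.port_to:
            continue
        return rule.action
    return "deny"

# Constructed inbound rules: HTTPS allowed from anywhere at rule 100, and a
# deny for one documentation-range network at the lower number 50.
INBOUND = [
    NaclRule(100, "tcp", "0.0.0.0/0", 443, 443, "allow"),
    NaclRule(50, "tcp", "203.0.113.0/24", 0, 65535, "deny"),
]

# Constructed outbound rules. Statelessness means the server's reply to an
# inbound HTTPS request (sent to the client's ephemeral port) is checked here.
OUTBOUND_NO_EPHEMERAL = [
    NaclRule(100, "tcp", "0.0.0.0/0", 443, 443, "allow"),
]
OUTBOUND_WITH_EPHEMERAL = OUTBOUND_NO_EPHEMERAL + [
    NaclRule(110, "tcp", "0.0.0.0/0", 1024, 65535, "allow"),
]

def reply_allowed(outbound_rules, client_addr, client_port):
    """Whether the reply to client_addr:client_port passes the outbound rules."""
    return evaluate(outbound_rules, "tcp", client_addr, client_port) == "allow"

if __name__ == "__main__":
    print(evaluate(INBOUND, "tcp", "198.51.100.7", 443))  # allow (rule 100)
    print(evaluate(INBOUND, "tcp", "203.0.113.9", 443))   # deny (rule 50 wins)
    print(reply_allowed(OUTBOUND_NO_EPHEMERAL, "198.51.100.7", 51000))    # False
    print(reply_allowed(OUTBOUND_WITH_EPHEMERAL, "198.51.100.7", 51000))  # True
```

Renumbering the deny to 200 would let rule 100 match first and allow the same client, which is why rule numbers, not list order, decide the outcome.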