Network Access Control List - NACL

A Network Access Control List defines the set of rules that governs access to our resources in a VPC (Virtual Private Cloud). With it we can block or allow external IPs from connecting to our resources, and allow or deny inbound and outbound traffic.

Every subnet in a VPC must be associated with a NACL.

A Network ACL operates at the subnet level: we control inbound and outbound rules for whole subnets rather than individual instances. Each rule in a NACL has a number, and rules are evaluated in ascending order with the first matching rule deciding the traffic, so a lower number means higher priority. We can edit the rule numbers to set the priority accordingly.

AWS automatically creates a default NACL in which inbound and outbound traffic is fully allowed to everyone.

We can create custom NACLs and attach them to subnets. A newly created custom NACL denies all inbound and outbound traffic by default, so we need to configure its inbound and outbound rules as per our needs.
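The following small evaluator is an added example, not code from the original post or from AWS. It models the three behaviours described above: rules are tried in ascending rule-number order and the first match decides, the default NACL carries a single allow-all rule, and a freshly created custom NACL has no numbered rules, so everything falls through to the implicit deny that the console shows as rule `*`. All rule numbers, CIDRs and ports below are constructed for illustration.

```python
"""Toy evaluator for AWS Network ACL rule semantics (added example, not AWS code).

A NACL holds numbered inbound and outbound rules. Rules are evaluated in
ascending rule-number order; the first rule whose protocol, port and CIDR
match decides the traffic. Traffic matching no numbered rule hits the
implicit deny (displayed as rule '*' in the AWS console).
All rule numbers, CIDRs and ports here are constructed sample values.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    number: int                            # lower number = higher priority
    protocol: str                          # 'tcp', 'udp', 'icmp', or '-1' for all protocols
    port_range: Optional[Tuple[int, int]]  # None means all ports
    cidr: str                              # source (inbound) or destination (outbound) CIDR
    action: str                            # 'allow' or 'deny'

    def matches(self, protocol: str, port: int, ip: str) -> bool:
        """True if this rule applies to the given protocol/port/address."""
        if self.protocol != "-1" and self.protocol != protocol:
            return False
        if self.port_range is not None:
            low, high = self.port_range
            if not (low <= port <= high):
                return False
        return ip_address(ip) in ip_network(self.cidr)


@dataclass
class NetworkAcl:
    name: str
    inbound: List[Rule]
    outbound: List[Rule]

    def evaluate(self, direction: str, protocol: str, port: int, ip: str) -> Tuple[str, str]:
        """Return (action, rule_number) of the first matching rule.

        Rules are sorted by number at evaluation time, so editing a rule's
        number reorders evaluation exactly as the post describes.
        No numbered rule matching -> implicit deny, reported as rule '*'.
        """
        rules = self.inbound if direction == "inbound" else self.outbound
        for rule in sorted(rules, key=lambda r: r.number):
            if rule.matches(protocol, port, ip):
                return rule.action, str(rule.number)
        return "deny", "*"


# The default NACL as the post describes it: one rule that allows everything, both ways.
ALLOW_ALL = Rule(100, "-1", None, "0.0.0.0/0", "allow")
DEFAULT_NACL = NetworkAcl("default", inbound=[ALLOW_ALL], outbound=[ALLOW_ALL])

# A freshly created custom NACL: no numbered rules, so only the implicit deny applies.
EMPTY_CUSTOM_NACL = NetworkAcl("custom-empty", inbound=[], outbound=[])

# A custom NACL after configuring rules (constructed values). Rule 90 denies one
# address and rule 100 allows HTTPS from anywhere; because 90 < 100, the deny wins
# for that address even though it was listed second.
CONFIGURED_NACL = NetworkAcl(
    "custom-web",
    inbound=[
        Rule(100, "tcp", (443, 443), "0.0.0.0/0", "allow"),
        Rule(90, "tcp", (443, 443), "198.51.100.7/32", "deny"),
    ],
    outbound=[
        Rule(100, "tcp", (1024, 65535), "0.0.0.0/0", "allow"),
    ],
)


def demo() -> None:
    """Walk a few sample packets through each NACL and print the decision."""
    cases = [
        (DEFAULT_NACL, "inbound", "tcp", 22, "203.0.113.5"),
        (EMPTY_CUSTOM_NACL, "inbound", "tcp", 443, "203.0.113.5"),
        (CONFIGURED_NACL, "inbound", "tcp", 443, "203.0.113.5"),
        (CONFIGURED_NACL, "inbound", "tcp", 443, "198.51.100.7"),
        (CONFIGURED_NACL, "inbound", "tcp", 22, "203.0.113.5"),
    ]
    for acl, direction, proto, port, ip in cases:
        action, num = acl.evaluate(direction, proto, port, ip)
        print(f"{acl.name:12} {direction:8} {proto}/{port:<5} {ip:15} -> {action} (rule {num})")


if __name__ == "__main__":
    demo()
```

Running the script shows the default NACL allowing SSH from anywhere, the empty custom NACL denying HTTPS via rule `*`, and the configured NACL allowing HTTPS generally while rule 90 overrides rule 100 for the one denied address.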
