121

Describe statefulness in the context of NACLs and Security Groups.

Security Groups are stateful, both ways:

  • If a particular outbound traffic is allowed, then the response inbound traffic is allowed through (regardless of inbound rules)
  • If a particular inbound traffic is allowed, then the response outbound traffic is allowed through (regardless of outbound rules)

NACLs are stateless. If you want your resources to be able to communicate through particular ports to particular targets, then you need to explicitly allow both inbound and unbound traffic.

Submit