NACLs

NACLs, or network access control lists, are subnet-level firewalls used in many cloud and virtual network environments. They provide stateless filtering of traffic entering and leaving a subnet, using explicit allow and deny rules. NACLs work in conjunction with security groups, which operate at the instance level and are stateful.

Each NACL has two separate rule sets: inbound and outbound. A rule specifies the protocol (such as

NACLs are associated with one or more subnets within a virtual network. All resources in a subnet

Common use cases include blocking known bad IP ranges, segmenting subnets with restricted access, and providing