From the course: VPC Networking on AWS: Configuration, Security, and Connectivity
Network ACLs - Amazon Web Services (AWS) Tutorial
Network ACLs
- [Instructor] In this lesson, we're going to take a look at network ACLs, access control lists, lists of possibilities. Am I allowed or denied to get onto a subnet? So the purpose of the network ACL is to control the traffic at the subnet boundary. What's on the subnet? An EC2 instance. You're not getting to that instance unless you can get onto the subnet. And maybe you get to the instance, but then you can't get off the subnet, 'cause the network control list defines what's allowed coming in and what's allowed going out. It also can deny and say, "You're not getting in at all." Subnet-level traffic control is the purpose of the network ACL, and by default, there is a network ACL that doesn't do anything. It's there as a default. Amazon expects you to set it up the way you want to set it up and define your rules as to what traffic is allowed inbound or leaving. And the resources on that subnet are one thing, but the NACL isn't friendly. You've either defined the ports that have to be…
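The following is an added example, not part of the course transcript and not AWS code: a small Python model of how a network ACL decides whether traffic may enter or leave a subnet. It goes slightly beyond the lesson text in two places that are standard NACL behaviour: rules are evaluated in ascending rule-number order with the first match winning and an implicit final deny, and the ACL is stateless, so a request's reply must be allowed by a separate outbound rule. The rule numbers, CIDR ranges and port values are constructed for illustration. `DEFAULT_NACL` mirrors the "doesn't do anything" default ACL the instructor describes (allow everything both ways); `WEB_NACL` is a constructed custom ACL that admits HTTPS, blocks one address range, and allows the reply traffic out; `WEB_NACL_NO_RETURN` shows what happens when that outbound rule is forgotten.

```python
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class NaclRule:
    """One entry in a network ACL (constructed model, not the AWS API shape)."""
    number: int        # evaluated in ascending order; the first matching rule wins
    protocol: str      # "tcp", "udp", "icmp", or "-1" for all protocols
    port_from: int     # inclusive port range; ignored for icmp / all-protocols
    port_to: int
    cidr: str          # source (inbound) or destination (outbound) range
    action: str        # "allow" or "deny"

    def matches(self, protocol: str, port: int, ip: str) -> bool:
        if self.protocol != "-1" and self.protocol != protocol:
            return False
        if self.protocol not in ("-1", "icmp") and not (self.port_from <= port <= self.port_to):
            return False
        return ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr)


def evaluate(rules: list[NaclRule], protocol: str, port: int, ip: str) -> str:
    """First matching rule by ascending number decides; otherwise the implicit '*' deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(protocol, port, ip):
            return rule.action
    return "deny"


# The default NACL: a single allow-everything rule in each direction.
DEFAULT_NACL = {
    "inbound":  [NaclRule(100, "-1", 0, 65535, "0.0.0.0/0", "allow")],
    "outbound": [NaclRule(100, "-1", 0, 65535, "0.0.0.0/0", "allow")],
}

# A constructed custom NACL for a subnet hosting an HTTPS service.
# Rule 90 sits before rule 100, so the deny for 198.51.100.0/24 wins for that range.
# The outbound rule covers the ephemeral port range so replies can leave the subnet.
WEB_NACL = {
    "inbound": [
        NaclRule(90, "tcp", 443, 443, "198.51.100.0/24", "deny"),
        NaclRule(100, "tcp", 443, 443, "0.0.0.0/0", "allow"),
    ],
    "outbound": [
        NaclRule(100, "tcp", 1024, 65535, "0.0.0.0/0", "allow"),
    ],
}

# Same inbound rules, but nobody wrote an outbound rule for the replies.
WEB_NACL_NO_RETURN = {"inbound": WEB_NACL["inbound"], "outbound": []}


def check_flow(nacl: dict, client_ip: str, dst_port: int, client_port: int,
               protocol: str = "tcp") -> tuple[str, str]:
    """Return (inbound, outbound) decisions for a request and its reply.

    Inbound: client_ip -> subnet on dst_port.
    Outbound: the reply leaves the subnet toward client_ip on client_port.
    Each direction is evaluated on its own, because a NACL keeps no connection state.
    """
    inbound = evaluate(nacl["inbound"], protocol, dst_port, client_ip)
    outbound = evaluate(nacl["outbound"], protocol, client_port, client_ip)
    return inbound, outbound


if __name__ == "__main__":
    for name, nacl in (("default", DEFAULT_NACL), ("web", WEB_NACL),
                       ("web-no-return", WEB_NACL_NO_RETURN)):
        print(name, "203.0.113.5:50123 -> :443", check_flow(nacl, "203.0.113.5", 443, 50123))
        print(name, "198.51.100.7:50123 -> :443", check_flow(nacl, "198.51.100.7", 443, 50123))
```

The `web-no-return` case is the practical trap: the request is admitted, but the reply is dropped at the subnet boundary because no outbound rule covers the client's ephemeral port. A security group would have tracked that connection; a NACL will not.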