AWS Certified Cloud Practitioner

Amazon VPC (Virtual Private Cloud) provides network ACLs (Access Control Lists) that act as a firewall for controlling traffic in and out of subnets. Network ACLs are stateless and operate at the subnet level, allowing you to define both inbound and outbound rules to restrict connectivity to Amazon EC2 instances.

Key points about VPC Network ACLs:

• Operate at the subnet level
• Are stateless (inbound and outbound rules are evaluated separately)
• Can allow or deny traffic based on IP addresses, protocols, and ports
• Provide an additional layer of security along with security groups

Other options explained:

• AWS IAM: Manages user access and permissions to AWS services, not network connectivity
• Amazon Connect: A cloud-based contact center service
• Amazon API Gateway: A service for creating, publishing, and managing APIs