Network ACL Inbound Terraform Module
This Terraform Module is a simple helper for adding inbound rules to a Network ACL. Network ACLs can be a bit tricky to work with because they are stateless, which means that opening an inbound port is often not enough; you also need to open the ephemeral outbound ports which your services use to respond. This can be very easy to forget, so this module adds not only the inbound ports to an ACL, but also the ephemeral outbound ports for return traffic.
See the network-acl-outbound module for the analogous version of this module, but for opening outbound ports.
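The rule pair described above, written with the AWS provider's plain `aws_network_acl_rule` resource. This is an added illustration, not this module's source or its interface. The variable names, rule numbers, service port 443, CIDR default and the 1024-65535 ephemeral range are assumptions chosen for the example.

```hcl
# Added illustration; not the module's own code. All names, rule numbers
# and CIDR values are constructed placeholders.

variable "network_acl_id" {
  description = "ID of the Network ACL attached to the subnet running the service"
  type        = string
}

variable "client_cidr_block" {
  description = "CIDR block that inbound connections originate from (placeholder default)"
  type        = string
  default     = "10.0.0.0/16"
}

# Inbound: allow clients to reach the service on TCP 443.
resource "aws_network_acl_rule" "allow_https_inbound" {
  network_acl_id = var.network_acl_id
  rule_number    = 100
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = var.client_cidr_block
  from_port      = 443
  to_port        = 443
}

# Outbound: a stateless ACL evaluates the reply as new outbound traffic.
# The reply leaves from port 443 but is addressed to the client's ephemeral
# port, and ACL port ranges match the destination port, so the ephemeral
# range has to be opened. Without this rule the inbound packet is accepted
# and the response is silently dropped.
resource "aws_network_acl_rule" "allow_return_traffic_outbound" {
  network_acl_id = var.network_acl_id
  rule_number    = 100
  egress         = true
  protocol       = "tcp"
  rule_action    = "allow"
  # Scope return traffic to the same CIDR the inbound rule allows,
  # rather than 0.0.0.0/0, so the subnet gains no wider egress path.
  cidr_block     = var.client_cidr_block
  from_port      = 1024
  to_port        = 65535
}
```

Inbound and outbound rules are numbered independently, so both can use rule number 100 on the same ACL.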
What's a Network ACL?
Network ACLs provide an extra layer of network security, similar to a security group. Whereas a security group controls what inbound and outbound traffic is allowed for a specific resource (e.g. a single EC2 instance), a network ACL controls what inbound and outbound traffic is allowed for an entire subnet.