AWS’s firewall
stateful changes occur immediately

everything that you allow in will be (default) allowed out - all out-bound traffic is allowed by default

everything blocked by default - you can only allow not deny

you can multiple security groups

Sec groups vs. ACLs