Stateful Versus Stateless
NACLs and security groups control the flow of packets around your VPC using two different methods, stateful and stateless. Stateful means that the security control remembers which packets and interactions were allowed past in one direction and allows them back through the other way. Imagine you are a customer in a restaurant and the receptionist remembers you and lets you leave and come back at will. Stateless means that the security control has no memory of previous events and therefore a packet that has been let past in one direction will not be let back through unless specifically authorized. In the restaurant example, you would need to show some identification or a receipt to the receptionist each time you wanted to leave or re-enter the restaurant. Security groups are stateful, and therefore you only need to create inbound rules to handle these; outbound rules is automatically authorized with the same criteria. NACLs are stateless and therefore both inbound...
