I'm playing around with AWS VPC's and I'm hitting an interesting case that I don't understand.
Here's what I've created so far:
- A VPC
- A single subnet in that VPC
- An internet gateway to allow for access into the VPC
- A route table to properly route traffic to my subnet.
- An EC2 instance in the subnet, with a security group that only allows SSH into it.
- A Network ACL that only allows inbound and outbound SSH from any IP into that subnet.
For some reason, with this setup I cannot SSH into my EC2 instance. However, when I update the NACL to allow all outbound TCP traffic I can SSH in.
Is there some other external traffic that the EC2 instance is needing to do in order to enable SSH to work correctly?