In the AWS documentation it says
Security groups are stateful — if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules.
I don't understand how this behavior is regarded as stateful? How would a stateless situation proceed?
I suppose that the response traffic would depend on some type of rule, but how does this relate to state?
Thanks
I went to a movie with my son. During the film, he needed to go to the restroom.
The staff member at the door let him leave the theater and allowed him to re-enter afterwards. This is an example of a stateful request -- he went out and was allowed back in. However, somebody who simply tried to get into the theater would be rejected.
Similarly, your computer at home is connected to a router. The router protects it from the evils of the Internet. Traffic can't come through your router to your computer. However, if you make a request to go to a website, that request goes out of your router and the response is allowed back in because it is stateful. That is, the router remembers that you made the request to that website and it permits the response to come back to your computer.
It simply means if you allow say outbound rule on particular port protocol ip address it will allow to get back. So whatever coms in comes out.
You can compare this with NACL as they are stateless so you need to specify inbound and outbound rules in order to allow requested traffic flow.
if you send a request from your instancethis action changes the state of the access logic. Behavior after this action is different from behavior before it. They are saying the incoming traffic might have been blocked without this. For example if some other external source like an SQS queue had triggered the incoming traffic.