A Network ACL is a firewall that is associated with a subnet within your VPC. It is used to
filter the network traffic that enters and exits the subnet.
An IAM Policy is used to assign permissions to users and roles.
A Bucket Policy is used with Amazon S3 buckets to control access.
A Security Group is a firewall that is associated with an EC2 instances (not the subnet).
Security Groups control the traffic the inbound and outbound network traffic from/to the
instance.