networking – FTP rule for NACL in AWS

so I need to connect to an external FTP service that resides outside of my VPC boundaries.

I added an outbound rule to a specific IP address and both TCP ports: 20 and 21

Do I need to add and inbound rule as well for both same ports?

My doubt is around TCP connection: since TCP is connection oriented my guess is that I need it.

(I cannot make tests so far)