My earlier reply was done on my phone, now, on my PC, I'll elaborate a bit further.
OP has:
"How to command to deny vlan20 to communicate vlan10 ?
But vlan10 can communicate to vlan20."
How do yo define communication? Communication can be strictly unidirectional, including on networks, but often, especially on networks, bidirectional traffic is required.
For example, with an ACL like @khorram1998 posted, VLAN 10 could send a UDP packet VLAN 20, but VLAN 20 cannot send anything to VLAN 10. If this is your goal, what @khorram1998 posted works fine.
But for another example, VLAN 10 want to send a file to VLAN 20, using tftp. Although tftp, itself, uses UDP packets, the tftp application does expect its own protocol ACKs that what it sent was actually received. As the ACL @khorram1998 provided, blocks all traffic from VLAN 20 to VLAN 10, tftp wouldn't work. Similar issue for FTP and many other protocols.
It's certainly possible, in some, but perhaps not all, cases, you can add ACEs to @khorram1998's ACL allowing for specific kinds of return traffic. Assuming you can do this for the particular protocols you want to support, the ACL can expand, in ACEs, as you support every specific case. Further, the ACL would permit VLAN 20 to initiate traffic that looks like response traffic, but it might not be such traffic.
Perhaps a "better" solution is using a reflexive ACL, as I mentioned in my prior post. In brief, this would allow VLAN 10 to send traffic to VLAN 20 but only accept VLAN 20 traffic if it appears to be in response to something VLAN 10 sent to VLAN 20. VLAN 20, though, would be blocked from sending unexpected traffic to VLAN 10.
Again, much depends on how you need to "communicate".
More info, about reflexive ACLs: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/15-mt/sec-data-acl-15-mt-book/sec-cfg-ip-filter.html?dtid=osscdc000283
