I was looking at some configurations on 3850 switches where the engineer has configured the standard and extended ACLs for SNMP, but surprisingly they were not applied to any of the ingress or egress interfaces.
Don't know what's the reason, please help me understanding this.
As Francesco has already noted, a SNMP ACL can be assigned to SNMP community string. This then uses that ACL against a SNMP request using that community from any port.
You could use port ACLs, but then you couldn't have different ACLs per SNMP community.
Another advantage of attaching the ACLs to the SNMP community, it doesn't subject all other port traffic to the SNMP ACL. The SNMP ACL is only applied to traffic using a specific SNMP community to the device.