Discussion: VPC - Build Your Own Custom VPC Flashcards
If I have multiple VPCs created, may I use the same CIDR block, i.e. 10.0.0.0/16 for each VPC?
If there’s no peering needed
Several questions indicate that in order to make an EC2 instance in a non-default/private subnet, 2-way internet accessible you need to add an elastic IP. Is that because the instance is already running and that’s the only way to add a public IP to a running instance? Specifying “Auto-assign Public IP” at launch time has the same effect, correct?
You can assign and unassign IPv4 and IPv6 IP addresses on each network interface. Leave the IP address field blank and an available address will be assigned, or enter an IP address that you want to assign. To add or edit an IPv4 public IP, allocate an Elastic IP to this instance or network interface.
Yes, I think so! Elastic IPs can be allocated to a private instance through the Manage IP section even after the instance is up and running.
In this lecture, to access the DB server from the jump host you are copying the private key onto the bastion host, which is not a safe practice, as publicly accessible jump hosts are the first ones to be hacked.
Is there a better way of doing this, like using a combination of IAM role and instance metadata, which gives temporary credentials to access other AWS services?
There is a better way indeed. If you connect to the first host with -A, it enables SSH key forwarding, and your local SSH key will be used to connect to the second host.
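The -A approach from the reply above, written as a workstation ~/.ssh/config so the private key never has to be copied to the bastion. This is an added example, not part of the original thread; the host aliases, addresses, user name and key path are constructed placeholders. It also goes one step beyond the reply by showing ProxyJump, which reaches the private host without exposing the agent on the bastion at all.

```sshconfig
# ~/.ssh/config on the workstation (added example; all values below are
# constructed placeholders, not taken from the lecture or the thread).

# Shared settings for the public jump host in the public subnet.
Host bastion bastion-agent
    HostName 203.0.113.10
    User ec2-user
    IdentityFile ~/.ssh/vpc-demo.pem

# Option 1, what the reply describes: "ssh bastion-agent" behaves like
# "ssh -A". The key stays on the workstation; the bastion only relays
# signing requests to the local ssh-agent (load the key with ssh-add first).
# From the bastion shell you then run: ssh ec2-user@10.0.2.15
# Forwarding is limited to this alias so it is never on by accident.
Host bastion-agent
    ForwardAgent yes

# Option 2, beyond the reply: "ssh db" from the workstation tunnels through
# the bastion. Authentication to the DB host happens end to end from the
# workstation, so the bastion holds neither the key nor an agent socket.
Host db
    HostName 10.0.2.15
    User ec2-user
    IdentityFile ~/.ssh/vpc-demo.pem
    ProxyJump bastion
```

With agent forwarding, anyone with root on the bastion can use the forwarded agent for as long as the session is open, which is why the ProxyJump form is usually preferred for a publicly reachable jump host.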