Module 4: Networking Flashcards
What is an Amazon Virtual Private Network (VPC)?
A service that allows you to launch resources in a virtual network that you define. Think Coffee customer to till server and not barista.
What two ways can someone enter a VPC?
Via an internet gateway
Via a virtual private gateway
What is required by the requester to enter via a virtual private gateway?
They need to have a VPN Connection
What is a subnet and the types based on the gateway?
A subnet is a range of IP addresses in your VPC, e.g. instances or databases.
A public subnet is created with an internet gateway
A private subnet is created with a virtual private gateway
What is the AWS Direct Connect service?
Establish a dedicated connection between an on-premises data center and the VPC
What is a network access control list (network ACL)?
A virtual firewall for a subnet. By default, it allows all inbound and outbound traffic, but when customized it will deny all traffic except that which is specified.
Network ACLs perform stateless packet filtering. What does stateless mean?
It does not remember the “credentials” of the traffic coming through. Like a bouncer who checks your ID again when you only went out to the smoking area.
What is a security group?
A virtual firewall for an EC2 instance. By default, a security group denies all inbound traffic and allows outbound traffic.
Security groups perform stateful packet filtering. What does this mean?
They remember the previous decisions that were made for incoming packets. Think a bouncer that remembers you from scanning your ID earlier and lets you in again without checking.
What is Route 53?
It has similar properties to CloudFront except better for websites as opposed to content delivery. It is also used to manage DNS records for domain names.
Service that “signals” which instance to delay to and will check the health of the instance before doing so.
What is DNS resolution?
Translation of domain names into IP addresses