Networking Flashcards
VPC
Virtual Private Cloud: a logically isolated section of AWS reserved for your own resources, where you control which traffic may enter and leave.
Virtual Private Gateway
The VPN endpoint on the AWS side of a VPC. Use it when you want to keep the VPC private and allow inbound traffic only from an approved network, such as your own data center: that traffic reaches the VPC through an encrypted Site-to-Site VPN tunnel that crosses the public internet, rather than through an Internet Gateway.
Internet Gateway
Attached to the VPC; lets resources that have public IP addresses send traffic to and receive traffic from the internet. A subnet only becomes reachable from the internet when its route table points at the Internet Gateway.
AWS Direct Connect
A dedicated private network connection between your data center and AWS; traffic to the VPC does not traverse the public internet.
Subnets
Ranges of IP addresses inside a VPC where you place resources such as EC2 instances and databases; each subnet lives in a single Availability Zone.
Two types: Public Subnet and Private Subnet.
A subnet is public when its route table has a route to an Internet Gateway, so resources in it can talk to the internet directly. A private subnet has no such route; it can still reach the internet for outbound traffic through a NAT gateway, but nothing on the internet can initiate a connection into it.
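What actually makes a subnet public or private is its route table, so that is the thing to check in an audit. The script below is an added example, not part of the original flashcards: it classifies subnets from route-table data shaped like the output of `aws ec2 describe-route-tables`. The route tables, subnet IDs and gateway IDs are constructed here so it runs offline.

```python
"""Classify subnets as public / private-nat / private from their route tables.

Added example, not from the original flashcards. The input mimics the shape of
`aws ec2 describe-route-tables` output but is constructed; all IDs are made up.
"""
from typing import Dict, List

# Constructed sample resembling `aws ec2 describe-route-tables` output.
ROUTE_TABLES: List[dict] = [
    {
        "RouteTableId": "rtb-public",
        "Associations": [{"SubnetId": "subnet-web-a"}, {"SubnetId": "subnet-web-b"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            # Default route to an Internet Gateway: this is what makes a subnet public.
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123"},
        ],
    },
    {
        "RouteTableId": "rtb-app",
        "Associations": [{"SubnetId": "subnet-app-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            # Default route to a NAT gateway: outbound-only internet access.
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0456"},
        ],
    },
    {
        "RouteTableId": "rtb-db",
        "Associations": [{"Main": True}, {"SubnetId": "subnet-db-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            # On-premises prefix reachable through a virtual private gateway (VPN);
            # no default route at all, so the subnet cannot reach the internet.
            {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-0789"},
        ],
    },
]


def classify_subnets(route_tables: List[dict]) -> Dict[str, str]:
    """Return {subnet_id: "public" | "private-nat" | "private"}.

    public      - default route (0.0.0.0/0) to an Internet Gateway (igw-*)
    private-nat - default route to a NAT gateway (outbound only)
    private     - no default route; the subnet is isolated from the internet
    """
    result: Dict[str, str] = {}
    for table in route_tables:
        kind = "private"
        for route in table["Routes"]:
            if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue
            if route.get("GatewayId", "").startswith("igw-"):
                kind = "public"
                break
            if route.get("NatGatewayId", "").startswith("nat-"):
                kind = "private-nat"
        # The main route table may carry an association with no SubnetId; skip it.
        for assoc in table["Associations"]:
            subnet = assoc.get("SubnetId")
            if subnet:
                result[subnet] = kind
    return result


if __name__ == "__main__":
    for subnet, kind in sorted(classify_subnets(ROUTE_TABLES).items()):
        print(f"{subnet:14} {kind}")
```

A quick way to spot a database subnet that was accidentally made public is to run this over real `describe-route-tables` output and flag any subnet classified `public` that should not be.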
NACL
Network Access Control List: a firewall at the subnet boundary that checks traffic entering and leaving the subnet.
Rules are numbered and evaluated in ascending order, first match wins, and a rule can allow or deny. The default NACL allows all traffic; a custom NACL denies everything until you add rules.
NACLs are stateless: allowing a packet in says nothing about its reply being allowed out. Return traffic (usually to ephemeral ports 1024-65535) must be allowed explicitly in the other direction, or the connection breaks.
Security Group
Suppose an NACL lets a packet into the subnet; that does not mean it may reach every EC2 instance there. The Security Group is the firewall at the instance level (it is attached to the network interface).
By default a new security group allows no inbound traffic: every port and every source address is blocked until you add an allow rule. Outbound traffic, by contrast, is allowed to any destination by default.
Security groups have both inbound and outbound rules, but only allow rules: you cannot write a deny, so blocking a specific address is a job for the NACL.
They are stateful: if a packet is allowed in one direction, the reply is allowed back regardless of the rules in the other direction, because the security group tracks the connection.
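The stateless-versus-stateful distinction is the one that bites in practice, so here is a small model of it. This is an added example, not AWS code or part of the original flashcards: it is a simplified simulation of how a NACL and a security group evaluate an HTTPS request and its response. The addresses, ports and rule numbers are constructed for the demonstration.

```python
"""Model a stateless NACL next to a stateful, allow-only security group.

Added example, not from the original flashcards; a simplified model of AWS rule
evaluation. IPs, ports and rule numbers are constructed for the demonstration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    direction: str  # "inbound" (internet -> subnet) or "outbound" (subnet -> internet)


@dataclass(frozen=True)
class Rule:
    direction: str
    cidr: str          # remote address range the rule applies to
    port_from: int     # destination-port range of the packet, as in AWS rules
    port_to: int
    action: str = "allow"  # NACLs also have "deny"; security groups never do
    number: int = 0        # NACL rule number, i.e. evaluation order

    def matches(self, pkt: Packet) -> bool:
        # Inbound rules match the remote source; outbound rules match the remote destination.
        remote_ip = pkt.src_ip if self.direction == "inbound" else pkt.dst_ip
        return (pkt.direction == self.direction
                and ip_address(remote_ip) in ip_network(self.cidr)
                and self.port_from <= pkt.dst_port <= self.port_to)


class NetworkAcl:
    """Stateless: every packet, replies included, is checked against the numbered
    rules in ascending order; first match wins; anything unmatched is denied."""

    def __init__(self, rules: List[Rule]):
        self.rules = sorted(rules, key=lambda r: r.number)

    def allows(self, pkt: Packet) -> bool:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action == "allow"
        return False  # the implicit "*" deny rule


class SecurityGroup:
    """Stateful and allow-only: a packet passes if a rule allows it or if it is
    the reply to a connection the group already let through."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self._connections: Set[Tuple[str, int, str, int]] = set()

    def allows(self, pkt: Packet) -> bool:
        # Reply to a tracked connection: allowed regardless of outbound rules.
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self._connections:
            return True
        if any(r.matches(pkt) for r in self.rules):
            self._connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        return False


def https_exchange(filt, client_ip: str = "203.0.113.10") -> Tuple[bool, bool]:
    """Client on the internet sends an HTTPS request to a web server 10.0.1.5 in
    the subnet; returns (request_allowed, response_allowed)."""
    request = Packet(client_ip, 50000, "10.0.1.5", 443, "inbound")
    response = Packet("10.0.1.5", 443, client_ip, 50000, "outbound")
    req_ok = filt.allows(request)
    return req_ok, req_ok and filt.allows(response)


# NACL that allows HTTPS in but forgot the return traffic: the reply is dropped.
BROKEN_NACL = NetworkAcl([Rule("inbound", "0.0.0.0/0", 443, 443, number=100)])
# Fixed NACL: replies go back to the client's ephemeral port, so allow 1024-65535 out.
FIXED_NACL = NetworkAcl([
    Rule("inbound", "0.0.0.0/0", 443, 443, number=100),
    Rule("outbound", "0.0.0.0/0", 1024, 65535, number=100),
])
# NACL with a deny rule numbered below the allow: the lower number is evaluated first.
BLOCKLIST_NACL = NetworkAcl([
    Rule("inbound", "203.0.113.10/32", 0, 65535, action="deny", number=90),
    Rule("inbound", "0.0.0.0/0", 443, 443, number=100),
    Rule("outbound", "0.0.0.0/0", 1024, 65535, number=100),
])
# Security group with a single inbound rule and no outbound rules at all.
WEB_SG = SecurityGroup([Rule("inbound", "0.0.0.0/0", 443, 443)])

if __name__ == "__main__":
    print("broken NACL   ", https_exchange(BROKEN_NACL))
    print("fixed NACL    ", https_exchange(FIXED_NACL))
    print("blocklist NACL", https_exchange(BLOCKLIST_NACL), https_exchange(BLOCKLIST_NACL, "198.51.100.7"))
    print("security group", https_exchange(WEB_SG))
```

The broken NACL accepts the request and silently drops the response, which is the classic symptom of a forgotten ephemeral-port rule. The security group passes the response even with no outbound rules because it remembers the connection, and the blocklist NACL shows the one thing a security group cannot express: a deny for a specific address, ordered ahead of the general allow.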