Virtual Private Cloud (VPC) Networking Flashcards
What does a NAT gateway do?
It allows resources in a private subnet to access the internet.
How does a NAT gateway work?
It takes outbound traffic, changes the source IP address to its own public IP, and sends the traffic over the internet.
Responses can flow back through the NAT Gateway to the original instance in the private subnet, because the NAT Gateway keeps a record of the traffic it has translated.
Is an Elastic IP address public or private?
Public
What is the pricing for an Elastic IP?
A small hourly charge when not in use.
Are Elastic IP addresses single or multi-region?
Single region
TRUE or FALSE?
When you disassociate an Elastic IP from a resource, it automatically gets removed from your account.
FALSE
How can an Elastic IP help with the failure of an instance?
By rapidly remapping the address to another instance in your account.
TRUE or FALSE?
Elastic IPs are accessible from the internet.
TRUE
How is an Elastic IP address different to a traditional static IP address?
It’s not associated with a specific instance.
Is a NAT Gateway provisioned in the public or private subnet?
Public
TRUE or FALSE?
NAT Gateways are automatically assigned a public IP address
TRUE
An elastic ip
TRUE or FALSE?
A NAT Gateway needs to be associated with a security group in order to work.
FALSE
You don’t need to worry about opening up ports on your security group to a NAT Gateway.
TRUE or FALSE?
A NAT Gateway needs to be associated with an Elastic IP in order to work.
TRUE
In what situation would you use a NAT Gateway?
To allow instances in private subnets to access the internet for software updates, downloading patches, etc., while keeping them protected from inbound internet traffic.
Security Groups are stateful. What does this mean in practice?
This means that they keep track of the connections that are allowed. Once a connection is allowed in one direction (either inbound or outbound), the return traffic is automatically allowed, regardless of the inbound or outbound rules.