VPC

Question 1

What is a VPC and subnets?

Answer 1

VPC is a private network to deploy your resources (one per region)
Subnets allow to partition the network inside the VPC (AZ)

Question 2

What is the difference between internet gateway and NAT gateway?

Answer 2

Internet gateway helps the instances on public subnets to connect to the internet
NAT gateway helps instances on a private subnet connect to the internet while remaining private

Question 3

What is the difference between NACL and security groups?

Answer 3

NACL:
* controls traffic from and to a subnet
* can have allow and deny rules
* stateless: return traffic must be explicitly allowed by rules

EC2:
* controls traffic from and to an EC2 instance
* can have only allow rules
* stateful: return traffic is automatically allowed, regardless of any rules

Question 4

What is VPC peering?

Answer 4

Is a way to connect two VPCs privately using AWS’ network, making them behave as if they were in the same network
VPC peering connection is not transitive, must be established for each VPC pair

Question 5

What are VPC endpoints?

Answer 5

Allows to connect to AWS services using a private network instead of the public network

Question 6

How can you establish connection between your on premises data center and your cloud VPC?

Answer 6

Site to site VPN:
* using encrypted traffic
* goes over the public internet
Direct connect:
* establish physical connection between the datacenter and AWS

Question 7

What is the three tier solution architecture?

Answer 7

Public subnet: ELB, route 53
Private subnet: ASG, EC2
Data subnet: ElastiCache, RDS

Question 8

What is the LAMP stack?

Answer 8

• Linux, apache, mysql, PHP
• Can add redis to include a caching
• EBS drive to store local data