VPC and Networking Flashcards
What does VPC mean
Virtual Private Cloud - private network to deploy your resources (regional resource)
What is a public subnet
A subnet that is accessible from the internet
What is a private subnet
A subnet that is not accessible from the internet
What do you use to determine access to the internet and between subnets
you use routing tables
What is NACL
Network ACL - A firewall which controls traffic to and from a subnet
Can have ALLOW and DENY rules
Are attached at the Subnet level
Rules only include IP addresses
What is a Security Group
A firewall that controls traffic to and from an ENI / an EC2 instance
Can have only ALLOW rules
Rules include IP addresses and other security groups
What are VPC Flow Logs
Captures info about IP traffic going into your interfaces
- VPC Flow Logs
- Subnet Flow Logs
- Elastic Network Interface Flow Logs
Helps to monitor and troubleshoot connectivity issues
Captures network info from AWS managed interfaces too
VPC Flow logs data can go to S3 / CloudWatch Logs
What is VPC Peering
Connect two VPCs privately using the AWS network
Makes them behave as if they were in the same network
Must not have overlapping CIDRs (IP address ranges)
VPC peering connections are not transitive (must be established for each VPC)
What is a VPC endpoint
Allows you to connect to AWS services over a private network instead of the public internet
Offers enhanced security and lower latency to access AWS services
What is Site to Site VPN
Connect an on-premises VPN to AWS
The connection is automatically encrypted
Goes over the public internet
What is Direct Connect (DX)
Establish a physical connection between on-premises and AWS
The connection is private, secure and fast
Goes over a private network
Takes at least a month to establish
What is a Transit Gateway
A peering gateway between thousands of VPCs and on-premises networks; hub-and-spoke (star) connection
Basically a switch linking things together