VPC Lab Flashcards
What resources get created automatically when you provision a VPC?
Default Route
Default NACL
Default Security Group
What does not get created when you provision a VPC?
Subnets
How many IP addresses from your subnet will be reserved by AWS?
5
Which IP addresses are reserved by AWS?
x.x.x.0 - 3
x.x.x.255
What is the x.x.x.0 IP address?
The network address
What is the x.x.x.1 IP address?
VPC router
What is the x.x.x.2 IP address?
DNS
What is the x.x.x.3 IP address?
Reserved for future use
What is the x.x.x.255 IP address?
Network broadcast address
True or false: Network broadcast is unsupported in AWS VPC?
True. This is why AWS reserves this IP address.
True or false: You can have as many Internet Gateways as you need in a VPC?
False. You are limited to one.
To what resource is a subnet attached?
The route table
To which route table is a subnet attached by default?
The default route table
True or false: It is best practice to allow your main route table internet access?
False. Since new subnets are automatically assigned to a route table, it is best to not associate an internet connection to it. Instead, use an alternate route table with internet access and explicitly add the subnet to it when it is ready.
To provide a VPC with internet access, what steps must be done?
- Create an internet gateway
- Create a route table (or modify an existing one)
- Add a route from a specified CIDR to the specified internet gateway
True or false: When you create a route for IPv4, a similar route is created for IPv6?
False. You must create an IPv6 route as well.
True or false: By default, custom subnets do not automatically assign IP addresses?
True. This must be enabled.
True or false: Security groups do not span VPCs?
True. You must create new security groups for each VPC.
What is a VPC Endpoint?
A route that allows access to an AWS service (such as S3) over the private network.