VPC - NATs vs Bastions Flashcards
1
Q
NAT vs Bastion
A
NAT: routes traffic from the Internet to EC2 instances in private subnets and is Linux, so you can SSH but cannot RDP
Bastion: used to securely administer EC2 instances in private subnets using SSH/RDP
2
Q
Bastion use case
A
Administration only
3
Q
Scenario: how to make a bastion instance highly available?
A
Need multiple public subnets. Can have a bastion in each public subnet. Implement Auto Scaling groups.
4
Q
Bastion example
A
Think of the web server created in the lab, where we SSH into the public instance and then the private instance