VPC & Networking Flashcards
What is a private network to deploy your resources (regional resource)?
Virtual Private Cloud (VPC)
What allows you to partition your network inside your VPC (Availability Zone resource)?
Subnet
What is the difference between a public and a private subnet?
Accessibility from the Internet
How do you define access to the internet and between subnets?
Using Route Tables
What helps our VPC instances connect with the internet?
Internet Gateways
What allows your instances in your Private Subnets to access the internet while remaining private?
NAT Gateways (AWS-managed) & NAT Instances (self-managed)
What is a firewall that controls traffic to/from subnet by specifying allow & deny rules?
Network ACL
What is a firewall that controls traffic to and from an ENI / an EC2 Instance and can have only ALLOW rules?
Security Groups
What captures information about IP traffic going into your interfaces, helps monitor & troubleshoot connectivity issues, and captures network information from AWS managed interfaces too?
VPC Flow Logs
What is a non-transitive capability to connect 2 VPCs privately using AWS’ network?
VPC Peering
What endpoints allow you to connect to AWS services using a private network instead of the public www network, giving you enhanced security and lower latency to access AWS services?
VPC Endpoints
What connects an on-premises VPN to AWS via public internet?
What about on-prem to AWS via private internet?
Which is faster?
Site-to-Site VPN
Direct Connect
Site-to-Site VPN is faster to set up (5 minutes) vs. Direct Connect (at least 1 month)
What establishes a physical connection between on-premises and AWS?
Direct Connect (DX)
What 2 things need to exist to set up a Site-to-Site VPN?
On-prem needs a Customer Gateway (CGW) and AWS must use a Virtual Private Gateway (VGW)
What connects thousands of VPCs and on-premises networks together?
Transit Gateway