VPC Summary Flashcards
Think of VPC as…
…a logical datacenter in AWS
1 Subnet =
1 AZ
Security Groups are…
…stateful
Network ACLs are…
…stateless
Can you peer VPCs in the same account?
Yes
Can you peer VPCs in different accounts?
Yes
Transitive peering?
No
When creating a NAT instance…
…disable Source/Destination Check on the instance
NAT instances must be in which subnet?
Public
For a NAT instance to work…
…it must have an Elastic IP address, and there must be a route out of the private subnet to the NAT instance
How much traffic do NAT instances support?
Depends on the instance size. If bottlenecking, increase the instance size.
You can create high availability using…
…Auto Scaling groups, multiple subnets in different AZs, a script to automate failover
T/F: NAT Instances are behind a security group.
True
What are the key features of NAT Gateways?
- Scale automatically up to 10 Gbps.
- No need to patch.
- Not associated with security groups.
- Automatically assigned a public IP.
- Do not need to disable source/dest check.
Default NACL…
…automatically created with a VPC and by default it allows all inbound and outbound traffic