Cloud-Native Networking Services
Region: the geographical area that hosts your network; each Region contains multiple Availability Zones.
VPC (Virtual Private Cloud): a logically isolated section of the AWS Cloud where you launch AWS resources.
AZ (Availability Zone): one or more discrete data centers within a Region; each subnet lives in exactly one AZ.
Subnets: a logical partition of an IP network into multiple, smaller network segments.
Security Groups: act as a stateful firewall at the instance (network interface) level.
NACLs: act as a stateless firewall at the subnet level.
Route Tables: determine where network traffic from your subnets is directed.
Internet Gateway: enables resources in a VPC to reach, and be reached from, the Internet.
Enterprise/Hybrid Networking:
Direct Connect: a dedicated private network connection (1, 10 or 100 Gbps) from an on-premises data center to AWS. It bypasses the public Internet and gives consistent throughput, but the link itself is not encrypted unless you run a VPN (or MACsec) over it.
AWS Virtual Private Network (VPN): an IPsec-encrypted connection over the Internet between your VPC and on-premises networks or remote offices (Site-to-Site VPN) or mobile employees (Client VPN).
PrivateLink (VPC Interface Endpoints): keeps traffic between your VPC and AWS or partner services on the AWS network so it never traverses the public Internet.
Virtual Private Cloud (VPC) and Subnets
Virtual Private Cloud (VPC) is a logically isolated section of the AWS network where you launch your AWS resources. You choose its IP range as a CIDR block between /16 and /28, e.g. a CIDR range of 10.0.0.0/16 = 65,536 IP addresses.
Subnets are a logical partition of an IP network into multiple smaller network segments: you break the VPC's IP range up into smaller networks, each placed in a single AZ.
A subnet's CIDR range must lie inside the VPC's range and represents its portion of it, e.g. subnet CIDR range 10.0.0.0/24 = 256 IP addresses. AWS reserves the first four addresses and the last address of every subnet (network address, VPC router, DNS, future use, broadcast), so a /24 has 251 usable addresses.
A Public Subnet is one whose route table has a route to an Internet Gateway, so resources in it (with a public IP) can reach and be reached from the Internet.
A Private Subnet has no route to an Internet Gateway; it is unreachable from the Internet and can only reach it outbound through a NAT gateway or similar.
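The CIDR arithmetic, the AWS-reserved addresses and the "public means a route to an Internet Gateway" rule above can be checked mechanically. The following is an added example written for these notes, not AWS code or an AWS tool; the VPC CIDR, subnet CIDRs, route tables and gateway IDs (igw-0example, nat-0example) are constructed for illustration. It validates that every subnet is a legal size, lies inside the VPC and overlaps no other subnet, counts usable hosts after the five reserved addresses, and classifies each subnet as public or private from its route table using the same longest-prefix-match lookup a VPC route table performs.

```python
"""Plan and sanity-check a VPC/subnet layout with the standard-library ipaddress module.

Added example, not AWS code. The VPC CIDR, subnet CIDRs, route tables and the
gateway IDs (igw-0example, nat-0example) below are constructed for illustration.
"""
from ipaddress import IPv4Network, ip_address, ip_network

AWS_RESERVED_PER_SUBNET = 5  # network, VPC router, DNS, future use, broadcast


def vpc_cidr_ok(block: IPv4Network) -> bool:
    """AWS accepts VPC and subnet blocks between /16 and /28 inclusive."""
    return 16 <= block.prefixlen <= 28


def usable_hosts(subnet: IPv4Network) -> int:
    """Addresses you can actually assign: block size minus the five AWS reserves."""
    return subnet.num_addresses - AWS_RESERVED_PER_SUBNET


def reserved_addresses(subnet: IPv4Network) -> list:
    """The first four addresses and the last one of a subnet are never assignable."""
    first_four = [str(subnet.network_address + i) for i in range(4)]
    return first_four + [str(subnet.broadcast_address)]


def check_subnets(vpc: IPv4Network, subnets: dict) -> list:
    """Each subnet must be a legal size, sit inside the VPC CIDR and not overlap another."""
    problems = []
    for name, cidr in subnets.items():
        net = ip_network(cidr)
        if not vpc_cidr_ok(net):
            problems.append(f"{name} {cidr} is not between /16 and /28")
        if not net.subnet_of(vpc):
            problems.append(f"{name} {cidr} is outside VPC {vpc}")
    names = list(subnets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if ip_network(subnets[a]).overlaps(ip_network(subnets[b])):
                problems.append(f"{a} {subnets[a]} overlaps {b} {subnets[b]}")
    return problems


def lookup_route(route_table: dict, dest: str):
    """Longest-prefix match: the most specific route wins, as in a VPC route table."""
    dest_ip = ip_address(dest)
    best = None
    for cidr, target in route_table.items():
        net = ip_network(cidr)
        if dest_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def classify_subnet(route_table: dict) -> str:
    """Public if the default route points at an internet gateway, otherwise private."""
    return "public" if route_table.get("0.0.0.0/0", "").startswith("igw-") else "private"


# Constructed layout: one public and one private subnet in a /16 VPC.
VPC = ip_network("10.0.0.0/16")
SUBNETS = {"public-a": "10.0.0.0/24", "private-a": "10.0.1.0/24"}
ROUTE_TABLES = {
    "public-a": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-0example"},
    "private-a": {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-0example"},
}

if __name__ == "__main__":
    print(f"VPC {VPC}: {VPC.num_addresses} addresses, valid={vpc_cidr_ok(VPC)}")
    for name, cidr in SUBNETS.items():
        net = ip_network(cidr)
        print(f"{name} {cidr}: {net.num_addresses} addresses, {usable_hosts(net)} usable, "
              f"{classify_subnet(ROUTE_TABLES[name])}, reserved={reserved_addresses(net)}")
    print("problems:", check_subnets(VPC, SUBNETS) or "none")
```

The route lookup is the part worth internalising: a packet for 10.0.1.7 from the public subnet matches both 10.0.0.0/16 (local) and 0.0.0.0/0 (igw), and the /16 wins because it is more specific, so intra-VPC traffic never leaves through the gateway.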
| Network Access Control Lists (NACLs) | Security Groups |
|---|---|
| Acts as a virtual firewall at the subnet level. | Acts as a virtual firewall at the instance (network interface) level. |
| Stateless: return traffic must be allowed explicitly, typically by an outbound rule for the ephemeral port range. | Stateful: return traffic for a connection that was allowed in is permitted automatically. |
| You create Allow and Deny rules, evaluated in ascending rule-number order; the first match wins and the final `*` rule denies. The default NACL allows all traffic; a custom NACL denies all until you add rules. | Implicitly denies inbound traffic that no rule matches. You create only Allow rules; there is no way to express a Deny. |
| eg. Block a specific IP address known for abuse | eg. Allow an EC2 instance access on port 22 for SSH |
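The stateless/stateful distinction in the table is the one that bites in practice: an SSH session allowed in by a NACL still fails unless the reply on the client's ephemeral port is allowed out, while a security group tracks the connection and lets the reply through. The following is an added example written for these notes, not AWS code; it is a minimal model of both filter types with constructed rule sets, a constructed admin address (203.0.113.10), instance address (10.0.0.25) and abuser address (198.51.100.7). It replays one SSH handshake through each filter and also shows the table's two use cases: the NACL blocking one abusive address ahead of a broad allow, and the security group being unable to express that deny at all.

```python
"""Why a NACL needs an ephemeral-port rule and a security group does not.

Added example, not AWS code. Rule sets, packets and addresses are constructed.
NACL rules are evaluated in ascending rule-number order, first match wins, and
the implicit '*' rule denies. Security groups hold allow rules only and are
stateful: a reply to an allowed flow is permitted without a matching rule.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

EPHEMERAL = (1024, 65535)  # reply ports a client may have chosen


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    direction: str  # "in" or "out", relative to the instance/subnet


@dataclass
class Rule:
    number: int
    direction: str
    proto: str
    cidr: str        # the remote side: source for "in", destination for "out"
    ports: tuple     # (low, high) destination-port range
    action: str      # "allow" or "deny"

    def matches(self, p: Packet) -> bool:
        peer = p.src if p.direction == "in" else p.dst
        return (self.direction == p.direction
                and self.proto in (p.proto, "all")
                and ip_address(peer) in ip_network(self.cidr)
                and self.ports[0] <= p.dport <= self.ports[1])


class NetworkAcl:
    """Stateless: every packet, including replies, is checked against the rules."""

    def __init__(self, rules):
        self.rules = sorted(rules, key=lambda r: r.number)

    def allows(self, p: Packet) -> bool:
        for r in self.rules:
            if r.matches(p):
                return r.action == "allow"
        return False  # the implicit '*' deny rule


class SecurityGroup:
    """Stateful: allow rules only; replies to tracked flows pass without a rule."""

    def __init__(self, rules):
        self.rules = [r for r in rules if r.action == "allow"]  # deny rules cannot exist
        self.flows = set()

    def allows(self, p: Packet) -> bool:
        reverse = (p.dst, p.src, p.proto, p.dport, p.sport)
        if reverse in self.flows:
            return True  # connection tracking: reply to a flow we already allowed
        if any(r.matches(p) for r in self.rules):
            self.flows.add((p.src, p.dst, p.proto, p.sport, p.dport))
            return True
        return False


def session_passes(filt, request: Packet, reply: Packet) -> bool:
    """True only if both halves of the exchange get through the filter."""
    return filt.allows(request) and filt.allows(reply)


# Constructed addresses (documentation ranges) and one SSH handshake.
ADMIN, INSTANCE, ABUSER = "203.0.113.10", "10.0.0.25", "198.51.100.7"
SSH_SYN = Packet(ADMIN, INSTANCE, "tcp", 40000, 22, "in")
SSH_REPLY = Packet(INSTANCE, ADMIN, "tcp", 22, 40000, "out")
ABUSER_SYN = Packet(ABUSER, INSTANCE, "tcp", 51000, 22, "in")

SG_SSH = [Rule(0, "in", "tcp", "203.0.113.0/24", (22, 22), "allow")]
NACL_NO_EPHEMERAL = [Rule(100, "in", "tcp", "203.0.113.0/24", (22, 22), "allow")]
NACL_FIXED = NACL_NO_EPHEMERAL + [Rule(100, "out", "tcp", "0.0.0.0/0", EPHEMERAL, "allow")]
NACL_BLOCK_ABUSER = [
    Rule(50, "in", "tcp", "198.51.100.7/32", (0, 65535), "deny"),   # lower number wins
    Rule(100, "in", "tcp", "0.0.0.0/0", (22, 22), "allow"),
]

if __name__ == "__main__":
    print("SG, SSH session:", session_passes(SecurityGroup(SG_SSH), SSH_SYN, SSH_REPLY))
    print("NACL without ephemeral rule:", session_passes(NetworkAcl(NACL_NO_EPHEMERAL), SSH_SYN, SSH_REPLY))
    print("NACL with ephemeral rule:", session_passes(NetworkAcl(NACL_FIXED), SSH_SYN, SSH_REPLY))
    print("NACL blocks abuser:", not NetworkAcl(NACL_BLOCK_ABUSER).allows(ABUSER_SYN))
    print("SG cannot block abuser:", SecurityGroup(NACL_BLOCK_ABUSER).allows(ABUSER_SYN))
```

Two things the model makes visible: the NACL rule number matters (the deny at 50 is only effective because it sorts ahead of the broad allow at 100), and a security group silently drops the deny rule, which is why an abuse blocklist belongs in a NACL while per-service allow rules belong in security groups.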