What is VPC (Virtual Private Cloud) :
It is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud in which you can launch your AWS resources.
** A VPC is essentially a virtual data center on Amazon Web Services. It is private to your account and you have complete control over it; it is a completely isolated network that you can use the way you want.
Classless Inter-Domain Routing (CIDR) notation is used to define the IP address range of the VPC and of each subnet inside it.
Subnet, Internet Gateway, Route Table, & NAT Gateway
*Public Subnet :
> It is a Subnet that interacts with the internet and can be accessed through the internet.
> We will deploy our load balancer or internet-facing applications in the Public Subnet.
*Private Subnet :
> It is a subnet that can not be reached from the internet.
> We can create the AWS resources which are only used inside the VPC for internal purposes.
* Internet Gateway :
> It is an AWS-managed component that is attached to your VPC.
> It acts as a gateway between your VPC and the internet, basically the outside world.
* Route Table :
> The router determines where incoming traffic will be directed; this process is known as routing.
> The router uses route tables to control network traffic.
> Each subnet inside VPC must be associated with a route table.
* NAT Gateway :
> NAT Gateway is a highly available AWS managed service that enables your instances in private subnets to connect to the Internet.
Security Group and NACL :
Why do we need Security Group & NACL (Network Access Control List)?
> Security groups and NACLs both act as virtual firewalls.
> They control traffic to and from resources in a VPC with inbound and outbound rules.
What is Inbound & Outbound ?
> Inbound or Outbound is the direction of traffic between networks, relative to the reference network.
Inbound :
> Inbound traffic refers to information coming in to a network.
Outbound :
> Outbound traffic refers to information going out of the network.
What is Security Group ?
> A security group is an AWS firewall solution that performs one primary function: to filter incoming and outgoing traffic from an EC2 instance.
> It represents instance-level security.
> Both inbound and outbound rules work independently.
> We can apply a security group to one or more instances. Similarly, an instance can also be associated with one or more security groups.
NACL (Network Access Control List) :
> A Network Access Control List (NACL) controls the traffic to or from a subnet according to the defined rules.
> NACLs work at the subnet level of a VPC.
> We can apply a NACL to one or more subnets. However, each subnet must be associated with one and only one NACL.
* Security Group :
> Operates at the instance level,
> Supports allow rules only,
> Is stateful,
> Can't delete a default security group
* NACL :
> Operates at the subnet level,
> Supports allow rules and deny rules,
> Is stateless,
> Can't delete default NACL
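The stateful/stateless and allow-only/allow-deny differences above decide whether a reply packet gets through. The following added example (not from the original post or from AWS) is a small Python model of both evaluation orders; the client address, ports and rule numbers are constructed for illustration.

```python
"""Toy model of how a security group (stateful, allow-only) and a NACL
(stateless, numbered allow/deny rules) evaluate a packet."""
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int      # NACL evaluation order (lowest first); ignored for security groups
    proto: str       # "tcp" or "udp"
    port_from: int
    port_to: int
    cidr: str
    action: str      # "allow" or "deny"; security groups only ever carry "allow"

def _matches(rule, proto, port, peer_ip):
    return (rule.proto == proto and rule.port_from <= port <= rule.port_to
            and ipaddress.ip_address(peer_ip) in ipaddress.ip_network(rule.cidr))

def sg_allows(rules, proto, port, peer_ip):
    """Security group: any matching allow rule admits the packet; there is no deny."""
    return any(_matches(r, proto, port, peer_ip) for r in rules)

def nacl_allows(rules, proto, port, peer_ip):
    """NACL: the lowest-numbered matching rule decides; the implicit '*' rule denies."""
    for r in sorted(rules, key=lambda r: r.number):
        if _matches(r, proto, port, peer_ip):
            return r.action == "allow"
    return False

def reply_allowed_sg(inbound, proto, svc_port, client_ip):
    """Stateful: once the request is admitted, the reply is tracked and passes
    regardless of the outbound rules, so only the inbound check matters."""
    return sg_allows(inbound, proto, svc_port, client_ip)

def reply_allowed_nacl(inbound, outbound, proto, svc_port, client_ip, client_port):
    """Stateless: the reply to the client's ephemeral port is checked on its own
    against the outbound rules, so it needs an explicit allow."""
    return (nacl_allows(inbound, proto, svc_port, client_ip)
            and nacl_allows(outbound, proto, client_port, client_ip))

# Constructed scenario: a client on 203.0.113.10 connects to an instance on TCP 443
CLIENT_IP, CLIENT_PORT = "203.0.113.10", 50000
SG_IN = [Rule(0, "tcp", 443, 443, "0.0.0.0/0", "allow")]
NACL_IN = [Rule(100, "tcp", 443, 443, "0.0.0.0/0", "allow")]
NACL_OUT_MISSING = []                                              # common misconfiguration
NACL_OUT_FIXED = [Rule(100, "tcp", 1024, 65535, "0.0.0.0/0", "allow")]  # ephemeral ports
NACL_IN_WITH_DENY = [Rule(90, "tcp", 443, 443, "198.51.100.0/24", "deny")] + NACL_IN

if __name__ == "__main__":
    print("SG reply:", reply_allowed_sg(SG_IN, "tcp", 443, CLIENT_IP))
    print("NACL reply, no outbound rule:",
          reply_allowed_nacl(NACL_IN, NACL_OUT_MISSING, "tcp", 443, CLIENT_IP, CLIENT_PORT))
    print("NACL reply, ephemeral allow:",
          reply_allowed_nacl(NACL_IN, NACL_OUT_FIXED, "tcp", 443, CLIENT_IP, CLIENT_PORT))
    print("NACL deny rule 90 wins:", nacl_allows(NACL_IN_WITH_DENY, "tcp", 443, "198.51.100.7"))
```

The missing ephemeral-port outbound rule is the classic reason an instance behind a NACL accepts a connection but the client never sees the reply; a security group needs no such rule because it tracks the connection.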