VPC – Scriptorium

[AWS Lab] VPC – Public Subnet

In this lab, we will learn how to create a public subnet and test it with an EC2 instance.

Overview

VPC
- Create a VPC and public subnet
EC2
- Create an EC2 instance inside the public subnet
- Setup the website in the EC2 instance
- Access the website via the public IP address of the EC2 instance

[AWS] VPC – NAT Gateway

NAT (Network Address Translation)

NAT remaps source IPs or destination IPs. (It translates private IPs to public IPs and vice versa.)

Static NAT
- A private IP is mapped to a public IP at a 1:1 ratio. (such as Internet Gateway).
Dynamic NAT
- A range of private IPs are dynamically mapped to one or more public IPs (Home router or NAT Gateways).
- To achieve high availably, create one dynamic NAT per AZ.

[AWS] Transit Gateway

AWS Transit Gateway is used to simplify your AWS network architecture (topology) by allowing to have transitive peering between hundreds and thousands of VPC and on-premise data centers.

[AWS] VPC Endpoints

A VPC Endpoint is a gateway object within a VPC and can be used to connect privately to AWS public services or other VPC endpoints without the need for Internet Gateway or a public subnet.

You do not need to use Internet Gateway, NAT Gateway (public subnet), or AWS Direct Connect.
The traffic never leaves the AWS network.
- Instances in your VPC do not require public IP address.
VPC Endpoints are highly available and horizontally scalable virtual devices.

[AWS] VPC Peering

VPC Peering allows direct communication between VPCs using OSI Layer 3 (Network). Once the VPCs are connected, 2 VPCs can communicate using private IP addresses.

Instances can connect each other as if they are in the same private network.
VPC Peers can span AWS accounts and even regions with some limitations.
Data is encrypted and transits via the AWS global backbone.

Tag Archives: VPC