VPC
Security Group
Instance Level
Rules in "Allow" format
Least restrictive one will be followed
Stateful: return traffic is allowed automatically
Can be made across multi-AZ
Subnets
Range of addresses
Reserved: 0-3, 255
CIDR block
default is 172.31.0.0/16
fixed at /64
IPv4
32 bits
IPv6
128 bits
All public addresses in AWS
/56 fixed ??
Everything is allowed by default
Needs IG or NAT to connect to the internet
Range can be changed only after termination of VPC
Can be expanded by 4 and reduced by changing CIDR?
Network Access Control Lists
Subnet Level
Rules in "deny" format
Most restrictive rule will be followed
Stateless: incoming and outgoing traffic has to be specified individually
NAT Gateway
Public to private address translation
Must be in public subnet
Behind Security Group
NAT instances
Size
Route Tables
Created automatically if wizard is launched
Main
Custom
Connect to the internet via private subnet
Internet Gateway
1 per VPC
VPC Peering
Flow Logs