VPC, Customer Network, Customer Network, AWS VPC
region-a, EC2, Customer…
VPC
Transit Gateway
Site-to-Site VPN
When you have four Site-to-Site VPN tunnels, you increase the throughput of your connection.
VPC Peering
Even though A and B, and B and C, are connected, you still need to create a VPC Peering connection between A and C for them to communicate (peering is not transitive).
Each peering connection requires modifications to all the other VPCs' route tables and, as the number of VPCs grows, this can be difficult to maintain.
AWS Site-to-Site VPN
Uses IPsec to establish encrypted network connectivity between your intranet and Amazon VPC over the Internet. Cannot use NFS.
Subnet
Exam tip: if you need 29 IP addresses, you need to choose a subnet of size /26 (64 IP addresses, 64 − 5 = 59 > 29). AWS reserves 5 addresses in every subnet, so a /27 (32 − 5 = 27) is too small.
RAM
VPC sharing
Allows multiple AWS accounts to create their application resources, such as EC2, RDS, Redshift clusters, and Lambda, in shared and centrally managed Amazon Virtual Private Clouds (VPCs).
The VPC owner shares one or more subnets with other accounts (participants) that belong to the same organization in AWS Organizations.
Participants can view, create, modify, and delete their own (not others') application resources in the subnets.
VPC Endpoints
Allows you to connect to AWS services using a private network instead of the public internet.
VPC Flow Logs
Can be used for analytics on usage patterns or malicious behavior.
AWS VPN CloudHub
Provides secure communication between multiple sites if you have multiple VPN connections.
This design is suitable if you have multiple branch offices and existing internet connections and would like to implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectivity between these remote offices.
DNS Hostnames
no
The EC2 instance has only a private DNS name, even though it sits in a public subnet.
Max. CIDR blocks per VPC is 5, and each CIDR block holds min. 16 IPs and max. 65536 IPs.
AWS VPC2
region-b
For different regions (same account), you must use a Direct Connect Gateway.