Networking and Content Delivery - Coggle Diagram
Networking and Content Delivery
ELB
web ACL
Provided by AWS WAF (Web Application Firewall)
Attach the web ACL to the ELB
API Gateway
Caching for API Gateway stages
Caches API responses at the Gateway level. When a client requests the same API endpoint with the same parameters, the response is served from the cache.
Site to Site VPN
A dedicated tunnel between two whole campuses.
Creates an encrypted IPsec tunnel between your on-premises data center (or another network) and your AWS VPC.
VPC
VPC = Campus
Public Subnet = ICC facing main road (Internet) with a Gate (NAT/Internet Gateway/Bastion)
Private Subnet = Blk B with no direct access to main road (internet)
NACLs = security at buildings (subnet) doors
Security Groups = locks on individual offices (EC2 instances)
Route Tables = campus map for each building (direction to other buildings or out of campus [internet])
Gateway = gates to internet (Internet Gateway) or gates to partner campus (another VPC) (VPN/Transit Gateway)
VPC Flow Logs
Number of packets transferred during the flow.
Number of bytes transferred during the flow.
Start time and end time of the flow (UNIX timestamp).
Source IPv4 or IPv6 address.
Interface VPC endpoint
Allows a private subnet to access Secrets Manager
Gateway VPC endpoint
Gateway VPC endpoints are supported for only Amazon S3 and Amazon DynamoDB.
Transit Gateway
What is it?
A central transportation hub/terminal for subnets to reach other VPCs
TGW Attachment
The connection between a VPC and the Transit Gateway
Client VPN
An employee’s secure tunnel into the campus from home
Private Link
A private “tunnel hallway” between specific rooms/buildings without using the internet or VPC peering.
CloudFront
Route 53
DNS Records
port 53
A records
CNAME
NAT Gateway
What is it?
Network Address Translation
Lets internal buildings go out to the internet but blocks outsiders from coming in