Module 4: Networking


1. Connectivity to AWS

1.1. Amazon Virtual Private Cloud (VPC)

1.1.1. tl;dr - Regional Virtual Overlay Network

1.1.2. Amazon VPC enables you to provision an isolated section of the AWS Cloud.

1.1.3. A subnet is a section of a VPC that can contain resources such as Amazon EC2 instances.

1.2. Internet Gateway (IG)

1.2.1. To allow public traffic FROM the INTERNET to access your VPC, you attach an internet gateway to the VPC.

1.2.1.1. An internet gateway is a connection between a VPC and the internet.

1.3. Virtual Private Gateway (VPG)

1.3.1. To access private resources in a VPC, you can use a virtual private gateway.

1.3.1.1. The virtual private gateway is the component that allows protected internet traffic to enter into the VPC.

1.3.1.1.1. A virtual private gateway enables you to establish a VIRTUAL PRIVATE NETWORK (VPN) connection between your VPC and a private network.

1.4. AWS Direct Connect (DX) ($$$)

1.4.1. AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and a VPC.

1.4.1.1. Direct Connect DX

2. Subnets and network access control lists

2.1. Subnets

2.1.1. A subnet is a section of a VPC in which you can group resources based on security or operational needs.

2.1.1.1. Subnet

2.1.2. PUBLIC (ROUTABLE) subnets contain resources that need to be accessible by the public, such as an online store’s website.

2.1.3. PRIVATE (NON-ROUTABLE) subnets contain resources that should be accessible only through your private network, such as a database that contains customers’ personal information and order histories.

2.2. Security

2.2.1. Network Access Control Lists (NACL) (Stateless)

2.2.1.1. Network ACLs perform stateless packet filtering.

2.2.1.1.1. A network access control list (ACL) is a virtual firewall that controls inbound and outbound traffic at the subnet level.

2.2.2. Security Groups (Stateful)

2.2.2.1. A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.

2.2.2.1.1. By default, a security group denies all inbound traffic and allows all outbound traffic.

3. Global Networking

3.1. Domain Name System (DNS)

3.1.1. You can think of DNS as being the phone book of the internet.

3.1.2. Web Address to IP Mapping

3.2. Amazon Route 53

3.2.1. Amazon Route 53 is a DNS web service.

3.2.1.1. Route 53