zoukankan      html  css  js  c++  java
  • [AWS

    VPC & Subnets

    VPC: private network to deploy your resources (regional resource)

    Subnets: partition your network inside your VPC (AZ resource)

    Public subnet: able to access internet

    Private subnet: not able to access internet

    To define access to the internet and between subnets, we use Route Tables

    Internet Gateway & NAT Gateways

    Internet Gateways

    Public subnets ables to access internet is because of internet gateways

    Public subnets have a route to the internet gateway.

    NAT Gateways

    For private gateways, to access internet, we use NAT Gateway / instance. 

    NAT Gateways (AWS-managed) & NAT instances (self-managed) allow your instances in your Private Subnets to access internet while remaning private.

    The way it works is: NAT lives in public subnet and has route to IGW, then private subnet connet to NAT, then it able to access internet,

    Public subnet has first firewall which is NACL, it can allow and deny traffic from and to subnet.

    Security Groups is a firewall for EC2 instance, by default deny all traffic, you need to tell what you want to allow.

    Security groups are stateful, you traffic can go out, then it can go back in as well.

    VPC Perring is used for communication between two VCP.

    VPC Endpoints

    • Endpoints allow you to connect to AWS service using a private network instead of the public www network
    • ALl the AWS services are public, any time you use an AWS service, EC2 talks publicly in AWS
    • If you want to access S3 or DynamoDB outside VPC, you can use VPC Endpoints Gateway. 
    • VPC endpoint Gateway: S3 & DyanmoDB Only
    • VPC endpoint interface: the rest
    • Only used within VPC

    • VPN & DC CANNOT access VPC endpoints. Because VPC endpoint is only for AWS service inside VPC

    3 tiers: 

    • Public subnet: ELB, NAT
    • Private subnet: ALB, AZ, EC2
    • Data Subent: Aurora, RDS, ElastiCache

  • 相关阅读:
    Unity中获取移动设备GPS信息
    Unity打包APP控制顶部状态栏
    Hololens概览
    webdriver中的定位模拟及实例
    selenium等待机制
    seleniumChrom无头浏览器
    selenium规避网站监测
    百度api识别验证码登录
    Pyecharts-数据可视化模块
    Selenium-浏览器兼容性测试自动化
  • 原文地址:https://www.cnblogs.com/Answer1215/p/14847788.html
Copyright © 2011-2022 走看看