This is a continuation of the previous VPC lab.
Steps:
Go to VPC Dashboard and click on Network ACLs tab.
Verify current Network ACLs and all inbound and outbound rules.
Create New Network ACL
This is a continuation to the lab ‘Creating and Using Amazon VPC – Part 1’. We will use NAT instance and NAT gateway to allow the private server to access internet in a secure way.
Steps:
Launch a new EC2 instance as NAT instance
We will create a VPC with a public and private subnet and try accessing them both from internet. We will be creating the VPC without using the Wizard available.
Steps:
Log in to the AWS console and go to VPC dashboard.
Go to ‘Your VPCs’ and click on ‘Create VPC’
These are only the defaults. Many of these can be changed by contacting AWS or other ways. Refer to the reference link for details.
Flow logs per single network interface, single subnet, or single VPC in a region = 2
VPCs per region = 5
Amazon VPC provides following features to increase and monitor the security for your VPC:
Security groups - Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level.
Network access control lists (ACLs) - Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level.
NAT is a method of remapping one IP address space into another. Advanced NAT implementations feature IP masquerading, which allows to share one Internet-routable IP address of a NAT gateway for an entire private network. In AWS, you can either use a NAT instance or a NAT gateway.
Host a simple, public-facing website
Can create security group rules which allow the webserver to respond to inbound HTTP and SSL requests from the Internet while simultaneously prohibiting the webserver from initiating outbound connections to the Internet.
Can select "VPC with a Single Public Subnet Only".
Amazon VPC lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC.
We will see topics such as DMZ, jump server, bastion host, NAT etc.
Will discuss important networking terms which will help understand Amazon VPC service better: VPC itself, IP subnet, jump hosts, private IP address spaces, NAT and ICMP.
Please first use the contact form or facebook page messaging to connect.
Offline ContactComplete the form below, and we'll send you an e-mail every now and again with all the latest news.
CloudMaterials is my blog to share notes and learning materials on Cloud and Data Analytics. My current focus is on Microsoft Azure and Amazon Web Services (AWS).
I like to write and I try to document what I learn to share with others. I believe that knowledge is useless unless you share it; the more you share, the more you learn.
Recent comments