AWS Direct Connect
- Refer Here for aws direct connect locations
- This is used when there is a lot of data to be transferred to aws from on-premises and it will have cost implications as well
VPC Endpoints
- AWS Services such as S3, Dynamo db and kinesis dont get created in your vpc, so when you try to access them from your vpc then these services will be connected over internet.
- AWS VPC endpoint enables you to connect your VPC privately to supported AWS services and VPC endpoint service (supported by AWS PrivateLink)
- We create a vpc endpoint in our vpc to establish connection to these services. there are two types of vpc endpoints
- interface endpoint: This uses Elastic Network Interface and private ip from your subnet cidr will be assigned to supported service
- gateway endpoint: These use a route table target for a specified route in your route table for supported services
- interface endpoint: This uses Elastic Network Interface and private ip from your subnet cidr will be assigned to supported service
- Refer Here for the services which use the aws vpc endpoints
- AWS Private Link: This enables us to connect to some AWS Services hosted by other AWS Accounts
Egress only Internet Gateway
- Internet gateway offers ingress and egress connectivity to our vpcs
- If we consider a scenario, where all the ec2 instances/resources in our vpc should be private but they should be able to access internet then we use egress only internet gateway
Exercise:
- Install aws cli on your systems Refer Here
