AWS Classroomnotes 27/Mar/2022

Network ACL

  • Network ACL is used to control traffic to the subnets.
  • When we create a VPC we get a default Network ACL which allows all inbound (incoming/ingress) and outbound connections
  • Rules:
    • Each Subnet must be associated with a network ACL
    • One Network ACL can be associated with multiple subnets in a vpc
    • Network ACLs contain a numbered list of rules
    • These rules are evaluated from the lowest-numbered rule to the highest-numbered rule
    • Lowest Rule number is 1 and highest is 32766
    • We have inbound ACL Rules and outbound ACL Rules
  • Each Network ACL Rule has
    • Rule Number
    • Type: The type of traffic
    • Protocol:
    • Port Range:
    • Source: this is for inbound rules
    • Destination: this is for outbound rules
    • Allow/Deny: Whether to allow or deny the specified traffic.

* Let's create a NACL which allows all TCP from our IP address and all traffic from within the VPC, and denies the rest
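The following is an added example, not part of the original notes: a small Python model of how a Network ACL walks its numbered rules (lowest number first, first match decides, and an implicit final deny when nothing matches), loaded with the rule set just described. It also renders each rule as the equivalent `aws ec2 create-network-acl-entry` command. The public IP `203.0.113.10`, the VPC CIDR `10.0.0.0/16` and the ACL id `acl-PLACEHOLDER` are constructed values. One caveat the model makes visible: Network ACLs are stateless, so return traffic to our IP needs its own outbound rule on the ephemeral port range, which a security group would have handled automatically.

```python
# Added example (not from the original notes): a model of Network ACL rule evaluation.
# IP addresses, CIDRs and the ACL id below are constructed placeholders.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

OUR_IP = "203.0.113.10/32"   # constructed: the public IP we administer from
VPC_CIDR = "10.0.0.0/16"     # constructed: the VPC's own CIDR block

PROTOCOL_NUMBERS = {"all": "-1", "tcp": "6", "udp": "17", "icmp": "1"}


@dataclass
class Rule:
    number: int            # 1..32766; the implicit final deny shows as rule "*" in the console
    protocol: str          # "tcp", "udp", "icmp" or "all"
    cidr: str              # source CIDR for inbound rules, destination CIDR for outbound rules
    port_from: int = 0     # port range, only meaningful for tcp/udp
    port_to: int = 65535
    action: str = "allow"  # "allow" or "deny"

    def __post_init__(self):
        if not 1 <= self.number <= 32766:
            raise ValueError("rule number must be between 1 and 32766")
        if self.protocol not in PROTOCOL_NUMBERS or self.action not in ("allow", "deny"):
            raise ValueError("unknown protocol or action")
        self.network = ipaddress.ip_network(self.cidr)


def evaluate(rules: List[Rule], protocol: str, addr: str, port: int = 0) -> Tuple[str, Optional[int]]:
    """Return (action, rule number) for the first rule that matches, walking rules
    from the lowest to the highest number. (\"deny\", None) means the implicit '*' deny."""
    address = ipaddress.ip_address(addr)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol != "all" and rule.protocol != protocol:
            continue
        if address not in rule.network:
            continue
        if rule.protocol in ("tcp", "udp") and not rule.port_from <= port <= rule.port_to:
            continue
        return rule.action, rule.number
    return "deny", None


def to_cli(acl_id: str, rule: Rule, egress: bool) -> str:
    """Render the matching `aws ec2 create-network-acl-entry` command for a rule."""
    parts = [
        f"aws ec2 create-network-acl-entry --network-acl-id {acl_id}",
        f"--rule-number {rule.number} --protocol {PROTOCOL_NUMBERS[rule.protocol]}",
        f"--rule-action {rule.action} --cidr-block {rule.cidr}",
        "--egress" if egress else "--ingress",
    ]
    if rule.protocol in ("tcp", "udp"):
        parts.append(f"--port-range From={rule.port_from},To={rule.port_to}")
    elif rule.protocol == "icmp":
        parts.append("--icmp-type-code Type=-1,Code=-1")  # all ICMP types and codes
    return " ".join(parts)


# The rule set from the notes: all TCP from our IP, everything from inside the VPC,
# and nothing else (the implicit '*' deny covers "the rest").
INBOUND = [
    Rule(100, "tcp", OUR_IP),
    Rule(200, "all", VPC_CIDR),
]
# NACLs are stateless: replies to our IP leave on the client's ephemeral port, so
# they need an explicit outbound allow or the SSH session never completes.
OUTBOUND = [
    Rule(100, "tcp", OUR_IP, 1024, 65535),
    Rule(200, "all", VPC_CIDR),
]

if __name__ == "__main__":
    for rule in INBOUND:
        print(to_cli("acl-PLACEHOLDER", rule, egress=False))
    for rule in OUTBOUND:
        print(to_cli("acl-PLACEHOLDER", rule, egress=True))
    print(evaluate(INBOUND, "tcp", "203.0.113.10", 22))    # ('allow', 100)
    print(evaluate(INBOUND, "tcp", "198.51.100.4", 22))    # ('deny', None)
```

Because the lowest number wins, a deny rule numbered below an allow shadows it: adding `Rule(50, "tcp", OUR_IP, 22, 22, "deny")` to `INBOUND` blocks SSH from our IP even though rule 100 allows it, which is worth checking whenever a NACL "should" permit something and does not.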

Multiple VPC Scenario

  • Create the following VPCs and EC2 instances
  • Open TCP 22 and ICMP in the security group for both EC2 instances
  • We need private connectivity between two VPCs in AWS (in the same region or in different regions)
  • Establishing private connectivity between two networks is done by using a Virtual Private Network (VPN); more specifically, this is called a site-to-site VPN.
  • We need to explore how to connect
    • between two VPCs
    • between a VPC and your organization's (on-premises) network.
