AWS Classroomnotes 05/Aug/2022

VPC Contd..

  • Create one public and one private subnet
  • Let's create two EC2 instances, one in the public subnet and the other in the private subnet.
  • AWS has two security checks to filter out network traffic
    • At network interface level => Security Group
    • At subnet level => Network ACL
  • Incoming/Inbound/Ingress refers to packets entering your VPC & Outgoing/Outbound/Egress refers to packets leaving your VPC.
  • When we create a VPC, a default NACL is created which allows all incoming and outgoing traffic.
  • The security filters of AWS, i.e. both NACL and SG, inspect the following fields of each packet
    • Incoming:
      • Protocol => TCP/UDP/ICMP
      • Port
      • Source IP Address
    • Outgoing:
      • Protocol => TCP/UDP/ICMP
      • Port
      • Destination IP Address
  • NACL:
    • Allows us to write rules for packets to be allowed or denied
    • Supports the security filters mentioned above.
    • Rules are processed in priority order => the priority is given as a rule number
  • Security Group:
    • Allows us to write rules only for packets to be allowed. Any packet not matched by a rule is denied
    • Supports the security filters mentioned above.
    • No priority

Activity – 1

  • Create an NACL and attach this to any subnet
    • Allow all the traffic within the VPC
    • Allow traffic from anywhere if it is SSH (22), HTTP (80), HTTPS (443) and also ICMP
  • Create a NACL
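
A small model of how the Activity 1 inbound rules are evaluated, set beside a security group (added example, not part of the original notes). It relies on NACL rules being checked lowest number first with the first match deciding; the VPC CIDR, rule numbers, sample addresses and the extra deny rule are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    number: Optional[int]   # NACL priority; None for security group rules
    protocol: str           # "tcp", "udp", "icmp" or "all"
    port: Optional[int]     # None = any port (also used for ICMP)
    cidr: str               # source CIDR of an inbound rule
    action: str = "allow"   # security groups can only "allow"

def matches(rule, protocol, port, src_ip):
    """Compare the three inbound fields: protocol, port, source IP."""
    return (rule.protocol in ("all", protocol)
            and (rule.port is None or rule.port == port)
            and ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.cidr))

def nacl_decision(rules, protocol, port, src_ip):
    """Lowest rule number first; the first matching rule decides."""
    for rule in sorted(rules, key=lambda r: r.number):
        if matches(rule, protocol, port, src_ip):
            return rule.action
    return "deny"  # no rule matched

def sg_decision(rules, protocol, port, src_ip):
    """No priority: any matching allow rule admits the packet."""
    hit = any(matches(r, protocol, port, src_ip) for r in rules)
    return "allow" if hit else "deny"

VPC_CIDR = "10.0.0.0/16"   # assumed VPC range (constructed)
ANYWHERE = "0.0.0.0/0"
BLOCKED = "203.0.113.7"    # constructed address to be blocked

# Activity 1: all traffic within the VPC, plus SSH/HTTP/HTTPS/ICMP from anywhere.
ACTIVITY1_NACL = [
    Rule(100, "all", None, VPC_CIDR),
    Rule(110, "tcp", 22, ANYWHERE),
    Rule(120, "tcp", 80, ANYWHERE),
    Rule(130, "tcp", 443, ANYWHERE),
    Rule(140, "icmp", None, ANYWHERE),
]
# A lower-numbered deny wins over rule 110 for that one source address.
NACL_WITH_DENY = ACTIVITY1_NACL + [Rule(90, "tcp", 22, BLOCKED + "/32", "deny")]
# A security group has no deny action, so it cannot single out BLOCKED.
SG_RULES = [Rule(None, "tcp", 22, ANYWHERE), Rule(None, "tcp", 80, ANYWHERE)]

if __name__ == "__main__":
    for name, acl in (("activity1", ACTIVITY1_NACL), ("with deny", NACL_WITH_DENY)):
        print(name, "ssh from", BLOCKED, "->", nacl_decision(acl, "tcp", 22, BLOCKED))
    print("sg ssh from", BLOCKED, "->", sg_decision(SG_RULES, "tcp", 22, BLOCKED))
```
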
