Study Guides/AWS Cybersecurity Notes/VPC Security: Difference between revisions

From Cramsession
Verified Author: Mflavell

Revision as of 00:43, 13 June 2026

VPC Security

Important terms

  • Subnets - Each subnet lives in exactly one Availability Zone; it cannot span AZs or regions (the VPC itself can span every AZ in its region).
  • Security groups - Think of them as firewalls attached to an instance's network interface (ENI), not to the instance as a whole.
The default quota is 5 security groups per network interface (adjustable, up to 16).
They are stateful: if a request is allowed in, its reply is allowed out automatically. They contain only allow rules, so there is no way to write an explicit deny.
  • NACL - Network Access Control Lists, applied at the subnet boundary.
They are stateless: you must allow both directions explicitly, including the ephemeral port range (1024-65535) for return traffic, or allowed requests get no reply.
Rules are evaluated in ascending rule-number order and the first match wins; anything unmatched hits the final "*" rule, which denies. A deny numbered higher than an overlapping allow is shadowed and never takes effect.
  • NAT - Forwards traffic from a private subnet to the internet or to other AWS services, so instances without public IPs can initiate outbound connections.
Use the managed NAT Gateway in production; it does not accept unsolicited inbound connections. The self-managed NAT instance (an EC2 instance with source/destination checks disabled) is the legacy option that you must patch, harden and scale yourself.
  • VPC Endpoint
Allows resources in your VPC to reach AWS services (gateway endpoints for S3 and DynamoDB, interface endpoints via PrivateLink for most other services) without traversing the public internet. Attach an endpoint policy to restrict which principals and resources may use it.
  • AWS Direct Connect
A dedicated private network link from your premises into AWS that bypasses the public internet. Private is not the same as encrypted: Direct Connect traffic is not encrypted by default, so layer a site-to-site VPN over it or use MACsec if you need encryption in transit.
  • Elastic network interface - A virtual network card with its own private IPs, MAC address and security groups; it can be detached and re-attached to another instance in the same AZ.
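The NACL and security group bullets above are where most exam and real-world mistakes happen: forgetting the ephemeral-port rule on a stateless NACL, or numbering a deny above the allow it was meant to override. The following simulation, added here as an example and not code from the study guide or from AWS, models both evaluation semantics so you can see each failure mode. All rule numbers, CIDRs and ports are constructed for illustration.

```python
"""Simulate how AWS NACLs and security groups evaluate a TCP flow.

Added example for this study guide, not code from the page or from AWS.
Rule numbers, CIDRs and ports are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    number: int        # NACL rule number; lower numbers are evaluated first
    protocol: str      # "tcp", "udp" or "-1" for all protocols
    port_from: int
    port_to: int
    cidr: str
    allow: bool


def matches(rule, protocol, port, addr):
    """Does a single rule match this packet?"""
    if rule.protocol != "-1" and rule.protocol != protocol:
        return False
    if rule.protocol != "-1" and not rule.port_from <= port <= rule.port_to:
        return False
    return ip_address(addr) in ip_network(rule.cidr)


def nacl_decision(rules, protocol, port, addr):
    """NACL semantics: evaluate in ascending rule number, first match wins.
    No match falls through to the implicit '*' rule, which denies."""
    for rule in sorted(rules, key=lambda r: r.number):
        if matches(rule, protocol, port, addr):
            return rule.allow, rule.number
    return False, "*"


# Constructed NACL for a public web subnet: HTTPS from anywhere except
# 10.66.0.0/16, plus the ephemeral-port rules a stateless ACL needs.
INBOUND = [
    Rule(90, "tcp", 443, 443, "10.66.0.0/16", False),   # must sort before rule 100
    Rule(100, "tcp", 443, 443, "0.0.0.0/0", True),
    Rule(110, "tcp", 1024, 65535, "0.0.0.0/0", True),   # replies to outbound flows
]
OUTBOUND = [
    Rule(100, "tcp", 1024, 65535, "0.0.0.0/0", True),   # replies to inbound HTTPS clients
    Rule(110, "tcp", 443, 443, "0.0.0.0/0", True),      # outbound HTTPS from the subnet
]


def nacl_https_flow_allowed(client_addr, client_port, outbound=OUTBOUND):
    """Stateless: the request and the reply are checked independently,
    so the outbound ephemeral-port rule is required for the flow to work."""
    req_ok, _ = nacl_decision(INBOUND, "tcp", 443, client_addr)
    reply_ok, _ = nacl_decision(outbound, "tcp", client_port, client_addr)
    return req_ok and reply_ok


class SecurityGroup:
    """Stateful: once an inbound connection is allowed, its reply is
    permitted automatically, with no outbound rule needed."""

    def __init__(self, inbound_rules):
        self.inbound_rules = inbound_rules   # security groups have no deny rules
        self.connections = set()             # connection-tracking table

    def inbound_allowed(self, protocol, port, addr, client_port):
        allowed = any(matches(r, protocol, port, addr) for r in self.inbound_rules)
        if allowed:
            self.connections.add((protocol, addr, client_port, port))
        return allowed

    def outbound_allowed(self, protocol, port, addr, client_port):
        # Reply traffic for a tracked connection is allowed regardless of outbound rules.
        return (protocol, addr, client_port, port) in self.connections


def demo():
    results = {}
    results["nacl_allowed_client"] = nacl_https_flow_allowed("198.51.100.7", 51234)
    results["nacl_denied_client"] = nacl_https_flow_allowed("10.66.1.5", 51234)
    # Same ACL but without the ephemeral outbound rule: the reply is dropped.
    results["nacl_missing_ephemeral"] = nacl_https_flow_allowed(
        "198.51.100.7", 51234, outbound=[OUTBOUND[1]])
    # A deny numbered above the overlapping allow is shadowed and never fires.
    shadowed = [Rule(100, "tcp", 443, 443, "0.0.0.0/0", True),
                Rule(200, "tcp", 443, 443, "10.66.0.0/16", False)]
    results["shadowed_deny"] = nacl_decision(shadowed, "tcp", 443, "10.66.1.5")
    # Security group: the allowed inbound request makes its reply legal automatically.
    sg = SecurityGroup([Rule(0, "tcp", 443, 443, "0.0.0.0/0", True)])
    sg.inbound_allowed("tcp", 443, "198.51.100.7", 51234)
    results["sg_reply_allowed"] = sg.outbound_allowed("tcp", 443, "198.51.100.7", 51234)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Run it and compare `nacl_missing_ephemeral` with `sg_reply_allowed`: the same allowed request succeeds through the stateful security group but fails through the NACL the moment the outbound 1024-65535 rule is missing. The `shadowed_deny` result shows why deny rules need lower numbers than the allows they are meant to override.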