Fundamental Network Services

Posted on 2024-09-06 by zeusexam

It is pretty amazing when you think about just how much “networking” AWS is responsible for. If we take a recent estimate of the number of AWS customers, we are looking at about 1.5 million entities (at this writing). That number is amazing enough, but when we remember that each of these customers is apportioned at least one Virtual Private Cloud, the scale of AWS becomes mind-boggling. In this section of the chapter, you’ll become very comfortable with the important concept of VPCs in AWS.

Virtual Private Cloud (VPC)

When you think about virtual networking in the public cloud of AWS, think VPCs. A VPC allows you to create private virtual networks and use the same concepts that you are already familiar with from traditional networking. With a VPC, you have complete control of your network configuration. You have the ability to isolate resources from or expose resources to the public Internet or to your private host systems inside your corporation.

With AWS VPCs, there are several layers of security controls (as you would expect). For example, security groups and network access control lists (NACLs) act as firewalls. Security groups control traffic into and out of your Elastic Compute Cloud (EC2) instances, whereas NACLs control traffic into and out of your subnets in a VPC.

When you are architecting solutions in AWS, you deploy various services and resources into a VPC in order to make up the full solution. You can be very specific with service and resource placement so you know exactly where in your virtual network the resources reside. These services also conveniently inherit the security you have built into your network. Examples of services you would deploy into a VPC include EC2, Elastic File System (EFS), Relational Database Service (RDS), and Elastic Load Balancing (ELB).

These are the main features of a VPC you should be aware of:

High availability: VPCs build on the high availability built into AWS Regions and Availability Zones (AZs). Your VPCs live within a Region, and you can have multiple VPCs per account.

Subnets: Just like your private network infrastructures, VPCs are made up of subnets that you can use to provide segmentation at Layer 3 (the network layer).

Route tables: You can use route tables to route traffic entering and exiting your subnets. You get this familiar model without needing to worry about physical routers.

Internet gateways (IGWs): An IGW gives you easy-to-configure access to the Internet for your VPC. Figure 15-1 shows an IGW in AWS.

Figure 15-1 An Internet Gateway

NAT gateway: A NAT gateway translates the private addresses of your VPC resources to public IP addresses so that those resources can access the Internet.

NACLs: NACLs allow you to control access to your VPC subnets. They are stateless constructs, which means you must configure both inbound and outbound rules: there is no automatic recognition of the state of traffic flows, and no access entries are created automatically.
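The difference between a stateless NACL and a stateful security group, as an added example that is not part of the original study guide: a simplified Python model of one HTTPS request and its reply. The `Rule` class, the function names, the addresses and the rule sets are constructed for illustration; the model follows the AWS behaviour of evaluating NACL rules in ascending rule-number order with an implicit deny, and it ignores protocol.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int   # NACL evaluation order (unused for security groups)
    cidr: str     # remote address range the rule applies to
    ports: range  # destination ports the rule covers
    allow: bool   # NACLs support allow and deny; security groups only allow

def _matches(rule, remote_ip, port):
    return (ipaddress.ip_address(remote_ip) in ipaddress.ip_network(rule.cidr)
            and port in rule.ports)

def nacl_permits(rules, remote_ip, port):
    """Stateless: lowest-numbered matching rule decides, otherwise implicit deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if _matches(rule, remote_ip, port):
            return rule.allow
    return False

def nacl_round_trip(inbound, outbound, client_ip, client_port, server_port):
    """The request and the reply are judged independently by separate rule lists."""
    return (nacl_permits(inbound, client_ip, server_port)
            and nacl_permits(outbound, client_ip, client_port))

def sg_round_trip(inbound, client_ip, server_port):
    """Stateful: once the request is allowed in, the reply is allowed out."""
    return any(_matches(r, client_ip, server_port) for r in inbound if r.allow)

# Constructed sample data (documentation address range, typical ephemeral port).
CLIENT_IP, CLIENT_PORT, HTTPS = "203.0.113.10", 51514, 443
HTTPS_IN = [Rule(100, "0.0.0.0/0", range(443, 444), True)]
EPHEMERAL_OUT = [Rule(100, "0.0.0.0/0", range(1024, 65536), True)]
DENY_FIRST_IN = [Rule(90, "203.0.113.0/24", range(0, 65536), False)] + HTTPS_IN

def demo():
    return {
        # Inbound 443 allowed, but no outbound rule: the reply is dropped.
        "nacl_inbound_only": nacl_round_trip(HTTPS_IN, [], CLIENT_IP, CLIENT_PORT, HTTPS),
        # Outbound rule for ephemeral ports lets the reply leave the subnet.
        "nacl_with_outbound": nacl_round_trip(HTTPS_IN, EPHEMERAL_OUT, CLIENT_IP, CLIENT_PORT, HTTPS),
        # A lower-numbered deny wins over the later allow.
        "nacl_deny_first": nacl_round_trip(DENY_FIRST_IN, EPHEMERAL_OUT, CLIENT_IP, CLIENT_PORT, HTTPS),
        # Same single inbound rule on a security group is enough.
        "security_group": sg_round_trip(HTTPS_IN, CLIENT_IP, HTTPS),
    }

if __name__ == "__main__":
    print(demo())
```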
