1. VPC Access a. VPN i. Hardware-based VPN 1. Types of VPN a. Client-to-Site: Users that are getting access to corporate resources b. Site-to-Site: Corporate office connecting to another corporate office but using the internet c. Private Connection (e.g. MPLS): usually doesn’t have encryption on it 2. When you set up a hardware-based VPN is … Continue reading AWS Certified SysOps Administrator Part III: VPC Access & VPC Peering
Network Management
AWS Certified SysOps Administrator Part II: Security Groups & NACLs
1. Layered Security a. Overview i. Resources are inside a.. ii. VM Firewall (instance level – OS provided) iii. Security Groups (instance level - AWS platform provided) iv. NACLs (Subnet level) 2. Security Groups a. Resource level traffic firewall i. Instance, ELB, etc. ii. Control egress / ingress b. Stateful (return traffic allowed) c. Only … Continue reading AWS Certified SysOps Administrator Part II: Security Groups & NACLs
AWS Certified SysOps Administrator Part I: VPC
1. Understanding Virtual Networking on AWS a. What is a VPC? i. Logically isolated network in the AWS cloud ii. Every AWS subscription gets a root VPC; you can further segment that VPC down into smaller and smaller VPCs iii. VPCs are free, but VPN has some costs associated with it b. AWS Reference Model … Continue reading AWS Certified SysOps Administrator Part I: VPC