Tag Archives: vpc

New Course Coming! AWS Solutions Architect – Networking Services


I have a new CBT Nuggets course wrapping up this week that is super exciting for those interested in AWS (especially certification). It is the AWS Solutions Architect – Networking Services course and it sits along with the already completed Compute and Storage Services courses. This networking course is so important because it features content found in all the major Associate Level AWS certifications! Here is the current list of Nuggets that the course will feature. I look forward to your comments below!

  1. Course Introduction
  2. What is a VPC?
  3. Meet the Default VPC
  4. Creating a Custom VPC
  5. Testing a Custom VPC
  6. Stateful Security Groups
  7. Working with Private Subnets
  8. NAT in AWS
  9. Network ACLs
  10. Components of the Global Infrastructure
  11. Route 53
  12. CloudFront
  13. VPNs
  14. Direct Connect
  15. Web Application Firewall
  16. Directory Services
  17. Disaster Recovery

A Default VPC in AWS


Amazon tries to lower your barrier to entry when it comes to quickly making resources available via the cloud. As such, a default VPC is built for you. This post walks you through what is created for you.

  • The default VPC itself – there is a unique ID associated with this for identification and a CIDR range (172.31.0.0/16)
  • Subnets – you get a subnet in each of your Availability Zones; these subnets are publicly reachable; they are /20 and feature 4091 available addresses
  • Route Table – there is a route table constructed for you; it directs 172.31.0.0/16 to stay local, and there is a default route (0.0.0.0/0) directing traffic to an Internet Gateway constructed for you
  • Internet Gateway – this allows your default VPC resources to reach the outside world
  • DHCP Options Set – an options set is created for you; it contains the domain name associated with your default VPC
  • Network ACL – there is a Network ACL associated with all three of your subnets; it is completely permissive by default; it allows all traffic inbound and all traffic outbound
  • Security Group – there is a default security group created for you; it is restrictive in nature in that it permits no traffic inbound
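As an added example (not from the original post), the Python sketch below audits the stock settings listed above against a constructed, flattened snapshot of a default VPC. Field names inside each record follow the EC2 Describe* responses; the wrapper keys (`Routes`, `NaclEntries`, `DefaultSgIngress`), the function names and all IDs are assumptions. It also reproduces the 4091 figure: a /20 holds 4096 addresses and AWS reserves five per subnet.

```python
import ipaddress

AWS_RESERVED = 5  # AWS reserves the first four addresses and the last one per subnet

# Constructed sample; wrapper keys are hypothetical and every ID is a placeholder.
SAMPLE = {
    "Vpc": {"VpcId": "vpc-EXAMPLE", "CidrBlock": "172.31.0.0/16", "IsDefault": True},
    "Subnets": [
        {"SubnetId": "subnet-EXAMPLE-a", "CidrBlock": "172.31.0.0/20", "MapPublicIpOnLaunch": True},
        {"SubnetId": "subnet-EXAMPLE-b", "CidrBlock": "172.31.16.0/20", "MapPublicIpOnLaunch": True},
    ],
    "Routes": [
        {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
    ],
    "NaclEntries": [
        {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow", "Egress": False, "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow", "Egress": True, "CidrBlock": "0.0.0.0/0"},
    ],
    # The default group's inbound rule references the group itself; it has no CIDR source.
    "DefaultSgIngress": [{"IpProtocol": "-1", "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]}],
}

def usable_addresses(cidr):
    """Addresses left for instances once the AWS-reserved ones are subtracted."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED

def audit_default_vpc(d):
    """Return (finding, subject) tuples for the permissive defaults in the snapshot."""
    findings = []
    vpc_net = ipaddress.ip_network(d["Vpc"]["CidrBlock"])
    # A subnet is internet-facing when the route table sends 0.0.0.0/0 to an Internet Gateway.
    igw_default = any(
        r["DestinationCidrBlock"] == "0.0.0.0/0" and r.get("GatewayId", "").startswith("igw-")
        for r in d["Routes"])
    for s in d["Subnets"]:
        if not ipaddress.ip_network(s["CidrBlock"]).subnet_of(vpc_net):
            findings.append(("subnet-outside-vpc", s["SubnetId"]))
        if igw_default and s["MapPublicIpOnLaunch"]:
            findings.append(("public-subnet", s["SubnetId"]))
    for e in d["NaclEntries"]:
        if e["RuleAction"] == "allow" and e["Protocol"] == "-1" and e["CidrBlock"] == "0.0.0.0/0":
            findings.append(("nacl-allow-all", "egress" if e["Egress"] else "ingress"))
    for p in d["DefaultSgIngress"]:
        if any(r.get("CidrIp") == "0.0.0.0/0" for r in p["IpRanges"]):
            findings.append(("sg-open-ingress", p["IpProtocol"]))
    return findings
```

Because the network ACL allows everything, the security group is the only filter in front of anything launched into these public subnets, which is why the audit treats an open ingress rule on it as a separate finding.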

Note there are plenty of other VPC components available for your default VPC, but you would need to configure them. These components include:

  • Egress only Internet Gateways
  • Elastic IPs
  • Endpoints
  • Endpoint Services
  • NAT Gateways
  • Peering Connections
  • Customer Gateways
  • Virtual Private Gateways
  • VPN Connections
