Intro to NACL and Security Groups

A Network Access Control List (NACL) is a security feature in Amazon Web Services (AWS) that acts as a virtual firewall for controlling inbound and outbound traffic at the subnet level within a Virtual Private Cloud (VPC). NACLs are stateless, meaning they don’t keep track of the connection state like stateful firewalls do. They evaluate traffic based on rules that you define and allow or deny traffic accordingly.

Network Access Control Lists (NACLs) and Security Groups are both important components of network security in Amazon Web Services (AWS). They provide different levels of control and operate at different layers of the networking stack.


Intro to VPC Peering

AWS VPC Peering is a service provided by Amazon Web Services (AWS) that allows customers to create peering connections between their Virtual Private Clouds (VPCs). It enables direct communication between VPCs in the same AWS account or in different AWS accounts within the same region.


Intro to VPC Internet Gateway

A Virtual Private Cloud (VPC) Internet Gateway (IGW) is a horizontally scaled, highly available AWS-managed component that allows communication between resources in your VPC and the internet. It serves as a connection point and facilitates the exchange of traffic between your VPC and the public internet.


Route 53 Routing Policy

A routing policy is a set of rules used by domain name system (DNS) services, such as AWS Route 53, to route traffic to an application’s endpoints. It helps control how the DNS service responds to DNS queries, based on factors such as the geographic location of the user, the health of resources, or the latency of the network.

Route 53 supports several routing policies, including simple routing policy, weighted routing policy, latency-based routing policy, geolocation routing policy, failover routing policy, and multi-value answer routing policy. By applying routing policies, users can optimize the performance, availability, and cost-effectiveness of their applications by directing traffic to the most appropriate resources.


Intro to AWS Route 53

Route 53 is a highly scalable and reliable domain name system (DNS) service offered by Amazon Web Services (AWS) that translates domain names into IP addresses to locate resources on the internet. It offers several features such as integration with other AWS services, a global network of DNS servers, DNS traffic flow management, routing policies, health checks, and DNSSEC.

These features enable users to manage their domain names, route traffic globally, improve application performance and availability, and provide cryptographic authentication and integrity for DNS data. Overall, Route 53 is a comprehensive and popular choice for managing domain names and routing traffic within the AWS environment.


Intro to AWS Elastic Load Balancing

AWS Application Load Balancer (ALB) is a service that provides advanced load balancing capabilities for HTTP and HTTPS traffic at the application layer (Layer 7) of the OSI model. ALB routes incoming traffic to different targets, such as Amazon EC2 instances, ECS tasks, or Lambda functions, based on rules that you define.


VPC Networking

VPC (Virtual Private Cloud) networking is a service provided by Amazon Web Services (AWS) that enables users to create and manage virtual networks in the cloud. It allows users to create isolated, private network environments within the AWS cloud that are logically separate from other networks and that can be customized to meet specific requirements.

With VPC networking, users can create virtual networks that are similar to traditional on-premises networks, with complete control over IP addressing, subnets, and routing. VPCs provide several features and capabilities, including the ability to create and manage subnets, set up security groups and network access control lists (ACLs), and connect to on-premises networks and the public internet.


Intro to Subnet and VPC

A subnet in AWS VPC (Virtual Private Cloud) is a range of IP addresses in your VPC that you can use to launch your resources, such as EC2 instances or RDS databases. A subnet is a subdivision of an IP network, which enables you to segment and isolate different parts of your network.

When you create a VPC, you can create one or more subnets within it. Each subnet must be associated with a specific availability zone within a region. Availability zones are physically separate locations within a region, each with its own power source, network, and connectivity to other availability zones.
