AWS Certified Cloud Practitioner All-in-One Exam Guide (Exam CLF-C01) by Daniel Carter
Author:Daniel Carter
Language: eng
Format: epub
Publisher: McGraw-Hill Education
Published: 2021-01-15T00:00:00+00:00
Virtual Private Cloud
With Amazon Virtual Private Cloud (Amazon VPC), you can create a logically defined space within AWS to create an isolated virtual network. Within this network, you retain full control over how the network is defined and allocated. You fully control the IP space, subnets, routing tables, and network gateway settings within your VPC, and you have full use of both IPv4 and IPv6.
You can provision network topographies within VPC much like you would in any kind of data center. You can have both public-facing and private network segments. For example, you can have one network segment that is open to the Internet where you host applications like web systems and other network segments that are not exposed to the Internet where you can host databases and other protected systems.
A common use for VPC is for disaster recovery planning. An organization can replicate network configurations and topographies from other cloud systems or from their own on-premise data centers into AWS for a low cost. An organization can regularly import their virtual machine instances into AWS, while also having the ability to easily replicate them back to the origin once a disaster situation has been recovered from. This allows an organization to get up to full resource levels and only incur substantial costs when it is actually needed to sustain operations, rather than paying for full systems at all times, like typically would be required.
AWS VPC also has the ability for an organization to essentially extend their corporate network into the cloud. By connecting your corporate network to AWS VPC, all of your current security mechanisms, such as firewalls, are retained and the resources in AWS inherit the same protections as if they were within your corporate network. This enables the use of storage and virtual machines in AWS, while retaining your already existing resources. Rather than having to buy additional hardware, especially for projects that are temporary, you can leverage AWS resources and only pay for what is needed and when it is needed.
Security Groups Security groups in AWS are virtual firewalls that are used to control inbound and outbound traffic. Security groups are applied on the actual instance within a VPC versus at the subnet level. This means that in a VPC where you have many services or virtual machines deployed, each one can have different security groups applied to them. In fact, each instance can have up to five security groups applied to it, allowing different policies to be enforced and maintain granularity and flexibility for administrators and developers.
When you launch an instance of a service like EC2, you specify a security group in the initial configuration, or it will automatically assign to the default group if you do not. You can also create a new security group on the fly when you launch an EC2 instance if necessary. Security groups that are created can only be used within the VPC specified when they were created. The following also apply to security groups:
⢠Security groups can have different rules for inbound and outbound traffic.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7402)
Grails in Action by Glen Smith Peter Ledbrook(7296)
Kotlin in Action by Dmitry Jemerov(4638)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4131)
The Age of Surveillance Capitalism by Shoshana Zuboff(3424)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3243)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3029)
Mastering Python for Networking and Security by José Manuel Ortega(2952)
Blockchain Basics by Daniel Drescher(2891)
TCP IP by Todd Lammle(2641)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(2614)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2483)
Hands-On Azure for Developers by Kamil Mrzyglod(2413)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(2377)
React Native - Building Mobile Apps with JavaScript by Novick Vladimir(2340)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2313)
The Social Psychology of Inequality by Unknown(2311)
The Art Of Deception by Kevin Mitnick(2299)
Azure Containers Explained by Wesley Haakman & Richard Hooper(2270)