Core networking

Internet Gateway & NAT Gateways

  • Internet Gateways help our VPC instances connect with the internet

  • Public Subnets have a route to the internet gateway.

  • NAT Gateways (AWS-managed) & NAT Instances (self-managed) allow your instances in your Private Subnets to access the internet while remaining private

Network ACL & Security Groups

  • NACL (Network ACL)

    • A firewall that controls traffic from and to the subnet

    • Can have ALLOW and DENY rules

    • Are attached at the Subnet level

    • Rules only include IP addresses

  • Security Groups

    • A firewall that controls traffic to and from an ENI/EC2 Instance

    • Can have only ALLOW rules

    • Rules include IP addresses and other security groups
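
The difference between the two firewalls, as an added example (not part of the original notes): a small Python model of how each one decides on inbound traffic. It relies on AWS evaluating NACL rules in ascending rule-number order with the first match deciding, and on a security group allowing traffic when any of its rules matches. Assumptions: rules are matched on source only (ports and protocols are left out), and every address, rule number and group id (`sg-app`) is constructed for illustration.

```python
import ipaddress

# Constructed sample rules; all addresses and group ids are hypothetical.
NACL_RULES = [  # (rule number, action, source CIDR)
    (90, "DENY", "203.0.113.7/32"),   # block one unwanted address
    (100, "ALLOW", "0.0.0.0/0"),      # everyone else may reach the subnet
]

SG_RULES = [  # ALLOW only: a source is a CIDR or another security group id
    {"cidr": "198.51.100.0/24"},
    {"group": "sg-app"},
]


def nacl_allows(rules, src_ip):
    """Evaluate NACL rules in ascending rule-number order; first match wins."""
    ip = ipaddress.ip_address(src_ip)
    for _number, action, cidr in sorted(rules):
        if ip in ipaddress.ip_network(cidr):
            return action == "ALLOW"
    return False  # the implicit final rule denies anything unmatched


def sg_allows(rules, src_ip, src_groups=()):
    """A security group permits traffic if any of its ALLOW rules matches."""
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if "cidr" in rule and ip in ipaddress.ip_network(rule["cidr"]):
            return True
        if "group" in rule and rule["group"] in src_groups:
            return True
    return False  # there are no DENY rules; unmatched traffic is not allowed


def subnet_then_instance(src_ip, src_groups=()):
    """Inbound traffic must pass the subnet's NACL, then the instance's SG."""
    return nacl_allows(NACL_RULES, src_ip) and sg_allows(SG_RULES, src_ip, src_groups)
```

Blocking the single address `203.0.113.7` while admitting everything else is only expressible in the NACL, because a security group has no DENY rule to carve an exception out of a broader ALLOW.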
