chapter five

5 Securing the network: the virtual private cloud

This chapter covers

Using virtual private clouds (VPCs) and related resources to configure network access for your AWS resources
Using network routing and virtual firewalls to protect resources from network-based attacks
Separating resources into multiple VPCs to isolate them from any misconfigurations or vulnerabilities
Using services like VPC Peering and Site-to-Site VPN to connect resources in different private networks, without routing traffic over the public internet.

5.1 Working with a Virtual Private Cloud

5.1.1 VPCs

5.1.2 Subnets

5.1.3 Network Interfaces and IPs

5.1.4 Internet and NAT Gateways

5.2 Traffic Routing and Virtual Firewalls

5.2.1 Route Tables

5.2.2 Security Groups

5.2.3 Network ACLs

5.3 Separating Private Networks

5.3.1 Using Multiple VPCs for Network Isolation

5.3.2 Connections between VPCs

5.3.3 Connecting VPCs to Private Networks

5.4 Summary

@font-face { font-family: 'livebook'; src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0'); src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0') format('embedded-opentype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.woff?1.9.0') format('woff'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.ttf?1.9.0') format('truetype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.svg?1.9.0') format('svg'); font-weight: normal; font-style: normal; }