Virtual Private Cloud
A default VPC comes with:
1 VPC
4 Subnets - the count defaults to the number of availability zones in the region (one subnet per AZ)
1 Network ACL
1 Internet Gateway
1 Routing table
1 Security Group
Internet Gateway (IGW)
Attached = connected to the VPC
Only 1 IGW per VPC
Cannot be detached while active instances exist in the VPC
Routing Table
Cannot delete a routing table that still has dependencies (associated subnets)
Network Access Control Lists (NACL)
The default NACL allows all inbound and outbound traffic for the default subnets
Rules are evaluated in ascending rule-number order, not in the order they are listed; the first matching rule wins
A newly created custom NACL denies all inbound and outbound traffic until rules are added
A subnet can be associated with only one NACL at a time
NACLs control access at the subnet boundary; instances inside the subnet can be further restricted (e.g. by security groups)
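An added example (not part of the original notes) modelling the NACL evaluation rules above: rules are matched by ascending rule number rather than list order, the first match wins, an unmatched packet falls through to the implicit deny, the default NACL is modelled as a single allow-all rule, and a new custom NACL as an empty rule list. The NaclRule type, evaluate function and sample addresses are constructed for this illustration.

```python
# Constructed model of NACL evaluation (not the AWS implementation).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class NaclRule:
    number: int          # rule number; this is the evaluation order key
    action: str          # "allow" or "deny"
    protocol: str        # "tcp", "udp", "icmp" or "-1" meaning all protocols
    cidr: str            # source block (inbound) or destination block (outbound)
    port_from: int = 0
    port_to: int = 65535


def evaluate(rules, protocol, addr, port):
    """Return the action the NACL applies to one packet.

    Rules are tried in ascending rule-number order regardless of how they
    were listed; the first match decides. No match hits the implicit '*'
    rule, which denies.
    """
    for rule in sorted(rules, key=lambda r: r.number):
        proto_ok = rule.protocol == "-1" or rule.protocol == protocol
        cidr_ok = ip_address(addr) in ip_network(rule.cidr)
        port_ok = rule.port_from <= port <= rule.port_to
        if proto_ok and cidr_ok and port_ok:
            return rule.action
    return "deny"


# Constructed sample: rules deliberately listed out of numeric order.
# Rule 100 (listed second) is evaluated before rule 200 (listed first),
# so SSH from 203.0.113.0/24 is denied even though 200 allows it from anywhere.
LISTED_OUT_OF_ORDER = [
    NaclRule(200, "allow", "tcp", "0.0.0.0/0", 22, 22),
    NaclRule(100, "deny", "tcp", "203.0.113.0/24", 22, 22),
    NaclRule(300, "allow", "tcp", "0.0.0.0/0", 443, 443),
]
DEFAULT_NACL = [NaclRule(100, "allow", "-1", "0.0.0.0/0")]  # default: allow all
NEW_CUSTOM_NACL = []                                          # new custom: deny all

if __name__ == "__main__":
    print(evaluate(LISTED_OUT_OF_ORDER, "tcp", "203.0.113.7", 22))   # deny
    print(evaluate(LISTED_OUT_OF_ORDER, "tcp", "198.51.100.9", 22))  # allow
    print(evaluate(LISTED_OUT_OF_ORDER, "tcp", "198.51.100.9", 80))  # deny (implicit *)
    print(evaluate(DEFAULT_NACL, "udp", "198.51.100.9", 53))         # allow
    print(evaluate(NEW_CUSTOM_NACL, "tcp", "198.51.100.9", 443))     # deny
```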
Subnets
Each subnet is located in exactly one availability zone
Public and private subnets: the difference is that a public subnet has a route to the internet, i.e. its routing table contains a route to the IGW
A subnet is associated with the default (main) routing table unless another is set explicitly; every subnet must have exactly one routing table
Availability Zones (VPC Specifics)
A VPC spans all availability zones in its region
A subnet can only be in one availability zone
Use multiple availability zones to achieve high availability and redundancy