AWS Subnet and Access

Subnets

A Subnet is a segment within a VPC that enables you to organize resources. These groupings can cater to different security or operational requirements, and you can create both public and private Subnets.

Public Subnets

Public Subnets contain resources that are accessible to the public, such as your company’s website (for example, code7school.com).

Private Subnets

Private Subnets contain resources that are only accessible within the private network, such as databases storing customer data.

Public and Private Subnets can communicate with each other via secure channels.

Network Traffic in a VPC

Requested data is transmitted as a packet, a bundle of information sent over a network or the internet.

The packet enters the VPC through an Internet Gateway and undergoes a permission check before accessing a Subnet.

Permissions are checked to determine:

  • The sender of the packet.
  • How the packet will interact with the resources in the Subnet.

Network Access Control Lists

Network Access Control Lists (ACLs) act as firewalls that manage both inbound and outbound traffic at the subnet level. ACLs inspect and control the packets. If a packet is on the approved list, it is allowed to pass through; otherwise, access is denied.

Stateless Packet Filtering

ACLs perform stateless packet filtering, meaning they do not retain memory of previous requests once checked. Their function is to inspect packets entering and leaving, using predefined rules to either approve or deny access.

Security Groups

A Security Group is a firewall that manages inbound and outbound traffic, specifically for an AWS EC2 instance.

The default configuration denies all inbound traffic while allowing all outbound traffic. To modify this setup, you need to add new rules.

Stateful Packet Filtering

Security Groups perform stateful packet filtering, meaning they retain a record of the actions taken on packets in the past.

Configuration

ACLs and Security Groups can be configured by adding custom rules to manage traffic.
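The difference between the stateless filtering described for ACLs and the stateful filtering described for Security Groups shows up on the reply packet. The following is an added example, not code from the original lesson: a simplified Python model that matches on ports only, with constructed addresses and rule values, and hypothetical names (`acl_allows`, `SecurityGroup`, `run`).

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst sport dport")
# number: evaluation order (lowest first); lo..hi: destination port range
AclRule = namedtuple("AclRule", "number lo hi allow")

def acl_allows(rules, pkt):
    """Stateless: each packet is judged alone; the first matching rule wins."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.lo <= pkt.dport <= rule.hi:
            return rule.allow
    return False  # no rule matched: denied

class SecurityGroup:
    """Stateful: remembers flows it allowed, so replies need no rule."""
    def __init__(self, inbound_ports, outbound_ports):
        self.inbound, self.outbound = set(inbound_ports), set(outbound_ports)
        self.flows = set()  # connections already approved

    def inbound_ok(self, pkt):
        if pkt.dport not in self.inbound:
            return False
        self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return True

    def outbound_ok(self, pkt):
        is_reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows
        return is_reply or pkt.dport in self.outbound

# Constructed traffic: a client requests HTTPS, the server answers.
request = Packet("198.51.100.7", "10.0.1.10", 50000, 443)
reply = Packet("10.0.1.10", "198.51.100.7", 443, 50000)

acl_in = [AclRule(100, 443, 443, True)]
acl_out_empty = []                                 # outbound rule forgotten
acl_out_fixed = [AclRule(100, 1024, 65535, True)]  # ephemeral reply ports

def run():
    sg = SecurityGroup(inbound_ports={443}, outbound_ports=set())
    return {
        "acl_request": acl_allows(acl_in, request),
        "acl_reply_no_rule": acl_allows(acl_out_empty, reply),
        "acl_reply_with_rule": acl_allows(acl_out_fixed, reply),
        "sg_request": sg.inbound_ok(request),
        "sg_reply": sg.outbound_ok(reply),
    }

if __name__ == "__main__":
    for name, allowed in run().items():
        print(f"{name}: {'allow' if allowed else 'deny'}")
```

With the ACL, the reply is dropped until an outbound rule covering the client's ephemeral port is added; the Security Group lets the same reply out with no outbound rule at all because it recorded the inbound request.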