@Khahory
Created April 23, 2023 18:20
## 🚀 [AWS COURSE] - Users, groups, roles and policies 👥
RECOMMENDATIONS:
* Never use the root account
* Create a role for communication between services
## 🚀 [AWS COURSE] - VPC, Subnets, Internet and NAT Gateways
https://www.youtube.com/watch?v=35zd1FAMrjA&list=PLGANiJnCt6o1M7qDzQaLe3p6mNpr6EuNz&index=5
NOTES:
* VPC is a virtual data center in the cloud (VPN)
* Subnets are a range of IP addresses in your VPC (same VPN but limited to AWS)
* Internet Gateway is a VPC component that allows communication between your VPC and the internet
* NAT Gateway is a VPC component that allows instances in a private subnet to connect to the internet or other AWS
services, but prevents the internet from initiating a connection with those instances
* NAT Gateway is always in a public subnet (because that is the only way to connect to the internet)
RECOMMENDATIONS:
* Create subnets for each availability zone
* Create a Route Table for each subnet (because it gives more flexibility without affecting the other subnets)
* For the private route table, associate it with the NAT Gateway (because that is the only way to connect to the internet)
## 🚀 [AWS COURSE] - Security Groups and Network ACL (NACL)
https://www.youtube.com/watch?v=sgKrFLSmF7Q&list=PLGANiJnCt6o1M7qDzQaLe3p6mNpr6EuNz&index=6
NOTES:
* Stateful: if you allow inbound traffic, the outbound traffic is automatically allowed
* Security Groups are a firewall that controls the traffic for one or more instances (stateful, you only need to allow
inbound traffic)
* Network ACLs are a firewall that controls the traffic for one or more subnets (stateless, you need to allow
inbound and outbound traffic)
* You can control the outbound traffic from the ACL for a specific port. Example: only traffic
from port 80 can be outbound
* (EXAMPLE: HTTPD SERVER, GET ON PORT 80) The server gets the request on port 80 (inbound) and the response is sent to a port
in the range 1024 - 65535 (outbound)
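
The HTTPD case above as an added example: a toy Python model written for these notes, not AWS code and not from the course. It shows why a stateless NACL that only opens port 80 outbound drops the reply while the stateful security group lets it through. All names and the client port 49152 are hypothetical; the model assumes NACL rules are checked lowest number first, first match wins, with an implicit deny, and that the port range is matched against the destination port.

```python
# Added example: a toy model of the HTTPD round trip, not AWS code.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int   # NACL rules are evaluated lowest number first
    lo: int       # start of destination port range
    hi: int       # end of destination port range
    allow: bool

def nacl_permits(rules, port):
    """Stateless check: first matching rule wins, implicit deny at the end."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.lo <= port <= r.hi:
            return r.allow
    return False

class SecurityGroup:
    """Stateful check: allow-only inbound rules plus connection tracking."""
    def __init__(self, inbound_ports):
        self.inbound_ports = set(inbound_ports)
        self.tracked = set()  # (client_port, server_port) flows already allowed in

    def inbound(self, client_port, server_port):
        ok = server_port in self.inbound_ports
        if ok:
            self.tracked.add((client_port, server_port))
        return ok

    def outbound_reply(self, client_port, server_port):
        # A reply to a tracked flow passes without any outbound rule.
        return (client_port, server_port) in self.tracked

def http_round_trip(nacl_in, nacl_out, sg, client_port=49152, server_port=80):
    """Return the first hop that drops the exchange, or 'ok'."""
    if not nacl_permits(nacl_in, server_port):
        return "dropped: NACL inbound"
    if not sg.inbound(client_port, server_port):
        return "dropped: security group inbound"
    if not sg.outbound_reply(client_port, server_port):
        return "dropped: security group outbound"
    # The reply's destination is the client's ephemeral port, not 80.
    if not nacl_permits(nacl_out, client_port):
        return "dropped: NACL outbound"
    return "ok"

# Constructed rule sets for the HTTPD example.
NACL_IN = [Rule(100, 80, 80, True)]
NACL_OUT_WEAK = [Rule(100, 80, 80, True)]        # only destination port 80
NACL_OUT_FIXED = [Rule(100, 1024, 65535, True)]  # ephemeral range from the notes
```

Calling `http_round_trip(NACL_IN, NACL_OUT_WEAK, SecurityGroup([80]))` reports the drop at the NACL outbound hop; swapping in `NACL_OUT_FIXED` lets the exchange complete.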