Created
April 23, 2023 18:20
## 🚀 [AWS COURSE] - Users, groups, roles and policies 👥

RECOMMENDATIONS:
* Never use the root account
* Create a role for communication between services

## 🚀 [AWS COURSE] - VPC, Subnets, Internet and NAT Gateways

https://www.youtube.com/watch?v=35zd1FAMrjA&list=PLGANiJnCt6o1M7qDzQaLe3p6mNpr6EuNz&index=5

NOTES:
* A VPC is a virtual data center in the cloud (VPN)
* A subnet is a range of IP addresses in your VPC (same VPN but limited to AWS)
* An Internet Gateway is a VPC component that allows communication between your VPC and the internet
* A NAT Gateway is a VPC component that allows instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances
* A NAT Gateway is always in a public subnet (because it is the only way to connect to the internet)

RECOMMENDATIONS:
* Create subnets for each availability zone
* Create a Route Table for each subnet (this gives more flexibility without affecting the other subnets)
* For the private route table, associate it with the NAT Gateway (because it is the only way to connect to the internet)

## 🚀 [AWS COURSE] - Security Groups and Network ACL (NACL)

https://www.youtube.com/watch?v=sgKrFLSmF7Q&list=PLGANiJnCt6o1M7qDzQaLe3p6mNpr6EuNz&index=6

NOTES:
* Stateful: if you allow inbound traffic, the outbound response is automatically allowed
* Security Groups are a firewall that controls the traffic for one or more instances (stateful, you only need to allow inbound traffic)
* Network ACLs are a firewall that controls the traffic for one or more subnets (stateless, you need to allow inbound and outbound traffic)
* You can control the outbound traffic from the ACL for a specific port. Example: only traffic from port 80 can be outbound
* (Example: httpd server, GET on port 80) The server receives the request on port 80 (inbound) and the response is sent to a port in the range 1024 - 65535 (outbound)
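
EXAMPLE (added here, not from the course or the original notes): a toy Python model of the httpd case above, showing why a stateful Security Group delivers the response with only an inbound rule for port 80 while a stateless NACL also needs an outbound rule for 1024 - 65535. The class and function names are hypothetical, rules are matched on destination port, and the Security Group is given no outbound rules so that only the stateful behaviour is visible.

```python
# Toy model, not AWS code. Rules are (low, high) destination-port ranges.
from dataclasses import dataclass, field

EPHEMERAL = (1024, 65535)  # client port range from the notes above

def allowed(port, ranges):
    return any(lo <= port <= hi for lo, hi in ranges)

@dataclass
class SecurityGroup:
    """Stateful: replies to an allowed inbound flow skip the outbound rules."""
    inbound: list
    outbound: list = field(default_factory=list)  # assumption: empty on purpose
    flows: set = field(default_factory=set)

    def request_in(self, client_port, server_port):
        ok = allowed(server_port, self.inbound)
        if ok:
            self.flows.add((client_port, server_port))  # connection tracking
        return ok

    def response_out(self, client_port, server_port):
        tracked = (client_port, server_port) in self.flows
        return tracked or allowed(client_port, self.outbound)

@dataclass
class NetworkAcl:
    """Stateless: each direction is checked against its own rules only."""
    inbound: list
    outbound: list = field(default_factory=list)

    def request_in(self, client_port, server_port):
        return allowed(server_port, self.inbound)

    def response_out(self, client_port, server_port):
        # The response is addressed to the client's ephemeral port.
        return allowed(client_port, self.outbound)

def http_round_trip(fw, client_port=50000):
    """Return (request delivered, response delivered) for a GET to port 80."""
    got_request = fw.request_in(client_port, 80)
    got_response = got_request and fw.response_out(client_port, 80)
    return got_request, got_response

if __name__ == "__main__":
    print("SG, inbound 80 only:", http_round_trip(SecurityGroup(inbound=[(80, 80)])))
    print("NACL, inbound 80 only:", http_round_trip(NetworkAcl(inbound=[(80, 80)])))
    print("NACL, plus outbound 1024-65535:",
          http_round_trip(NetworkAcl([(80, 80)], [EPHEMERAL])))
```
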