Withtin AWS we have region, and inside various availability zones, and we can create AWS Account within and within that VPC. VPC can have multiple rules, can it have inbound and outbound internet access, With VPCs, we can connect between VPCs. By default two VPCs are not allowed to talk to each other. We can connect VPCs together with various mechanisms. We can also have multiple VPCs in single AWS Account. These also not allowed to talk to each other unless we do a VPC peering.
How VPCs work?
AWS Cloud
- Region
- Availability Zone 1
- Availability Zone 2
- Availability Zone 3
When we create VPC, it is mostly created to span across various availability zone
Within VPC, we can have Public and Private Subnets . We don't necessarily need both of them. Public subnet we can put resource within it to make outbound internet calls. It is also be able to receiving inbound traffic from outside world. We can keep things like EC2 with web portal etc. The Public Subnet communicate with the outside world via the Internet gateway . Traffic coming from outside will also flow through the Internet gateway
Private Subnets can be used for any resource that need not have the direct access to outside world such as RDS , databases etc. However, we can still have the Private subnet entities to talk to the outside world although inbound traffic is not allowed.
Two public subnets within VPC can interact each other. Public and private subnets component can take to each other, Multiple private subnets can talk to each other as well.
No comments:
Post a Comment