AWS Developer Associate

VPC

VPC And Subnets Primer

Internet Gateway And NAT Gateways

Network ACL And Security Groups

Network ACLs vs Security Groups

Security Group: Operates at the instance level.
Network ACL: Operates at the subnet level.

Security Group: Supports allow rules only.
Network ACL: Supports allow rules and deny rules.

Security Group: Stateful; return traffic is automatically allowed, regardless of any rules.
Network ACL: Stateless; return traffic must be explicitly allowed by rules.

Security Group: All rules are evaluated before deciding whether to allow traffic.
Network ACL: Rules are processed in number order when deciding whether to allow traffic.

Security Group: Applies to an instance only if someone specifies the security group when launching the instance, or associates the security group with the instance later on.
Network ACL: Automatically applies to all instances in the subnets it’s associated with (therefore, you don’t have to rely on users to specify the security group).

Reference: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Security.html#VPC_Security_Comparison
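As an added illustration of the comparison above (not code from the page or from AWS), the following Python model implements both evaluation rules over a constructed HTTPS request and its reply; the rule numbers, ports and addresses are assumptions chosen for the example.

```python
# Constructed model of the two filters in the comparison above; not AWS code.
import ipaddress
from dataclasses import dataclass
@dataclass(frozen=True)
class Packet:
    direction: str          # "in" (to the instance) or "out" (from it)
    port: int               # destination port of this packet
    host: str               # remote IP address
    reply_to: tuple = None  # (direction, port, host) of the flow this answers

def matches(rule, pkt):
    # rule = (direction, low_port, high_port, cidr); all three must match
    direction, lo, hi, cidr = rule
    return (direction == pkt.direction and lo <= pkt.port <= hi
            and ipaddress.ip_address(pkt.host) in ipaddress.ip_network(cidr))

class SecurityGroup:
    """Stateful, allow-only: every rule is evaluated, any match allows."""
    def __init__(self, rules):
        self.rules = rules    # (direction, lo, hi, cidr)
        self.tracked = set()  # flows that were allowed through
    def allows(self, pkt):
        if pkt.reply_to in self.tracked:  # return traffic passes regardless of rules
            return True
        ok = any(matches(r, pkt) for r in self.rules)
        if ok:
            self.tracked.add((pkt.direction, pkt.port, pkt.host))
        return ok

class NetworkAcl:
    """Stateless: numbered allow/deny rules, lowest matching number wins."""
    def __init__(self, rules):
        self.rules = sorted(rules)  # (number, direction, lo, hi, cidr, action)
    def allows(self, pkt):
        for _, direction, lo, hi, cidr, action in self.rules:
            if matches((direction, lo, hi, cidr), pkt):
                return action == "allow"
        return False  # the trailing "*" rule denies everything else

def https_exchange(filt, client="203.0.113.10"):
    """(request_allowed, reply_allowed) for a client connecting to port 443."""
    request = Packet("in", 443, client)
    reply = Packet("out", 49152, client, reply_to=("in", 443, client))
    return filt.allows(request), filt.allows(reply)

SG = SecurityGroup([("in", 443, 443, "0.0.0.0/0")])
NACL_NO_RETURN = NetworkAcl([(100, "in", 443, 443, "0.0.0.0/0", "allow")])
NACL_FIXED = NetworkAcl([(100, "in", 443, 443, "0.0.0.0/0", "allow"),
                         (100, "out", 1024, 65535, "0.0.0.0/0", "allow")])
# A deny ordered before the allow: a NACL can express this, a security group cannot.
NACL_BLOCK = NetworkAcl(NACL_FIXED.rules + [(50, "in", 443, 443, "198.51.100.0/24", "deny")])
```

With only the inbound 443 allow, the security group passes both packets while the NACL drops the reply on the ephemeral port; because the NACL is stateless it judges each direction on its own, so a blocked client's would-be reply is still "allowed" outbound even though the request never got in.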

VPC Flow Logs

VPC Peering

VPC Endpoints

• Endpoints allow you to connect to AWS services over a private network instead of over the public internet
• This gives you enhanced security and lower latency when accessing AWS services
• VPC Endpoint Gateway: S3 & DynamoDB
• VPC Endpoint Interface: the rest
• Only used within your VPC

Site to Site VPN & Direct Connect

VPC Summary