Using the Start VPC Wizard

January 12, 2018 at 4:50 pm

VPC

One option for your VPC creation inside of AWS is to use a Wizard. This video demonstrates how this works. This is supplemental material to Anthony Sequeira’s upcoming course on Networking Services in AWS at CBT Nuggets!

AWS Access Management

January 10, 2018 at 10:30 pm

In the AWS Certified Cloud Practitioner course at CBT Nuggets, trainer Anthony Sequeira will help you understand the fundamentals of AWS Cloud, including concepts crucial to the deployment and operation of this platform. Learn about key services, basic security aspects, and administrative components, while preparing for Amazon’s Certified Cloud Practitioner exam. This example Nugget from the course covers Access Management topics in the scope of the exam.

VPC Peerings in AWS

January 10, 2018 at 12:59 am

VPC Peerings

An often overlooked feature with VPCs in AWS is your ability to create peering relationships between them. AWS calls this, appropriately, VPC Peerings. These objects permit you to route traffic between VPCs and offer the following killer features:

  • You can route traffic between your own VPCs
  • You can route traffic between your VPC and a VPC in another AWS account
  • Some regions even support an inter-region VPC Peering connection
  • The VPC Peering is not physical hardware, and it is not a gateway or VPN connection; it uses the global infrastructure of AWS, which ensures high availability for the peering

The steps you perform for the creation of a VPC Peering are simple:

  1. Request the peering from a Requestor VPC to an Acceptor VPC
  2. Once the Peering is accepted, manually add the routes you desire to the routing tables in the two VPCs
  3. Modify Security Groups appropriately to permit the desired access to resources across the VPCs

There are important restrictions to keep in mind for intra-region VPC Peerings:

  • The CIDR ranges cannot overlap
  • There is a limit to the overall number of VPC Peerings you can have; this is a soft limit, so you can contact AWS about it
  • You cannot have more than one VPC Peering between two VPCs
  • They do support Placement Groups with some limitations
  • There are no Unicast Reverse Path Forwarding security protections permitted

The restrictions for inter-region VPC Peerings are as follows:

  • The Security Groups cannot reference each other across the regions
  • DNS will not function across the regions as seamlessly as it does within a region
  • IPv6 communications are not supported in this design
  • The MTU is 1500
  • Inter-region VPC Peerings are limited to only certain regions currently
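
The following pre-flight check is an added example, not part of the original post. It tests two VPCs against the CIDR-overlap and inter-region IPv6 restrictions listed above, then lists the route entries step 2 requires on each side. The VPC data, route table IDs, and `pcx-EXAMPLE` are constructed placeholders, and `plan_peering` is a hypothetical helper name.

```python
import ipaddress

PCX_ID = "pcx-EXAMPLE"  # placeholder for the peering connection ID


def plan_peering(requester, accepter, inter_region=False):
    """Pre-flight a peering between two VPCs, each described as a dict with
    'cidrs' (list of CIDR strings) and 'route_tables' (list of table IDs)."""
    req = [ipaddress.ip_network(c) for c in requester["cidrs"]]
    acc = [ipaddress.ip_network(c) for c in accepter["cidrs"]]
    problems = []

    # Restriction: the CIDR ranges of the two VPCs cannot overlap.
    for a in req:
        for b in acc:
            if a.version == b.version and a.overlaps(b):
                problems.append(f"CIDR overlap: {a} and {b}")

    # Restriction from the inter-region list: IPv6 is not supported.
    if inter_region:
        for net in req + acc:
            if net.version == 6:
                problems.append(f"IPv6 not supported inter-region: {net}")

    if problems:
        return {"ok": False, "problems": problems, "routes": [], "sg_source": None}

    # Step 2: every route table on each side needs a route to each of the
    # peer's CIDRs, with the peering connection as the target.
    routes = []
    for rtb in requester["route_tables"]:
        routes += [(rtb, str(net), PCX_ID) for net in acc]
    for rtb in accepter["route_tables"]:
        routes += [(rtb, str(net), PCX_ID) for net in req]

    # Step 3: Security Groups cannot reference each other across regions,
    # so inter-region rules have to name the peer's CIDR instead.
    sg_source = "peer CIDR" if inter_region else "peer CIDR or peer security group"
    return {"ok": True, "problems": [], "routes": routes, "sg_source": sg_source}


# Constructed sample VPCs (not real resources).
VPC_A = {"cidrs": ["10.0.0.0/16"], "route_tables": ["rtb-A1", "rtb-A2"]}
VPC_B = {"cidrs": ["10.1.0.0/16", "2001:db8:1::/56"], "route_tables": ["rtb-B1"]}
VPC_C = {"cidrs": ["10.0.128.0/20"], "route_tables": ["rtb-C1"]}

if __name__ == "__main__":
    for peer in (VPC_B, VPC_C):
        print(plan_peering(VPC_A, peer))
```

Running the check before requesting the peering surfaces an overlapping range early, and the generated route list doubles as a record of exactly which prefixes each VPC is being exposed to.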