Overview
-
Learn how to set up a multitier virtual private cloud (VPC)—a software-defined data center—on Amazon Web Services.
Syllabus
-
Introduction
- Designing a software-defined data center at AWS
- What you should know
- H+Sports use case
- Defining the VPC
- Deep dive: Packet flow
- AWS regions
- AWS Availability Zones
- Availability Zone considerations
- AWS costs
- AWS Regions and Availability Zones
- Planning for fault tolerance, and high-availability
- VPC design choices
- Create a VPC
- The default VPC
- Reasons to create subnets
- Creating subnets
- Route tables
- The master route table
- Custom route table
- Public and private IP addresses
- Order an Elastic IP address
- Hosting public IP addresses at AWS
- Order BYOIP
- VPC security options
- Security groups
- Security group design
- Create a custom network ACL
- Network ACLs
- Create security groups
- Designing packet flow with security groups
- Internet gateway services
- Order and configure an internet gateway
- Egress-only internet gateway
- Add an Egress-only internet gateway
- NAT services
- Adding NAT services
- VPC peering
- Peering VPCs together
- Sharing VPC resources
- Sharing resources with RAM
- Private endpoints
- Gateway and interface endpoints
- VPN connections
- Monitoring with Flow Logs
- Create flow logs
- Controlling access with IAM roles
- Creating IAM roles for cross-account access
- Dedicated tenancy VPC
- Creating a dedicated tenancy VPC
- VPC soft limits
- Requesting a service limit increase
- Using automation for compliance
- Deploying a network stack with CloudFormation
- Next steps
