AWS - Security - GuardDuty (AWS account and workloads)
GuardDuty how Amazon GuardDuty works enable Amazon GuardDuty GuardDuty identify malicious/unauthorized activity in AWS account and workloads Designed...
Amazon CloudTrail got all the log, auditing simplifies security analysis, resource change tracking, and troubleshooting. enables governance, compliance, operational aud...
AWS Cloud: Proactive Security and Forensic Readiness 1. Identity and Access Management in AWS Best-practice checklist 2. Infrastructure-level ...
VPC Amazon Virtual Private Cloud 2 VPC infrastructure Multi-VPC pattern Multi-Account pattern basic custom VPC VPC route...
Log and monitor for Amazon VPC Monitoring NAT gateways using Amazon CloudWatch VPC Flow Logs Flow logs basics create a flow log Flow log r...
VPC endpoint Example without VPC endpoint with S3 VPC endpoint basic 3 types of VPC endpoints Interface end...
Subnet IP addressing Subnet sizes: Subnet types: public subnet private subnet VPN-only subnet Subnet ...
Elastic IP Elastic IP address ENI - Elastic Network Interface Elastic IP Elastic IP address basic a static and public IPv4 address designed for dynamic ...
AWS - VPC Security AWS - VPC Security two Amazon VPC firewall options to secure VPC: security groups, network access control lists (network ACLs).
AWS - Security Group AWS - Security Group acts as a virtual firewall for instance network interface the first layer of protection around instances. Specifically se...
AWS - NACL Network Access control list AWS - NACL Network Access control list The VPC router hosts the network ACL function. controlling traffic in and out of one or more subnets...
Network Connectivity - Gateway VPC Connectivity VPC peering VPN hub-and-spoke architecture AWS Transit Gateway [connecting multiple VPCs] ...
Network address translation (NAT) NAT instances Network address translation (NAT) gateway difference between the VPC NAT gateway and a NAT instance Network add...
Internet gateway (IGWs) Internet gateway (IGWs) The key: whether it can access internet IGW is resilient by design a scalable, redundant, and highly availabl...
AWS networking and content delivery HIGH AVAILABILITY APPROACHES FOR NETWORKING Hybrid connectivity AWS Partner Network (APN) AWS GovCloud Hardware VPN Connect...