AWS - VPC Security AWS - VPC Security two Amazon VPC firewall options to secure VPC: security groups network access control lists (network ACLs) .

AWS - Security Group AWS - Security Group acts as a virtual firewall for instance network interface the first layer of protection around instances. Specifically se...

AWS - NACL Network Access control list AWS - NACL Network Access control list The VPC router hosts the network ACL function. controlling traffic in and out of one or more subnets...

Network Connectivity - Gateway VPC Connectivity VPC peering VPN hub-and-spoke architecture AWS Transit Gateway [connecting multiple VPCs] ...

Network address translation (NAT) NAT instances Network address translation (NAT) gateway difference between the VPC NAT gateway and a NAT instance Network add...

Internet gateway (IGWs) Internet gateway (IGWs) The key: whether it can access internet IGW is resilient by design a scalable, redundant, and highly availabl...

AWS networking and content delivery HIGH AVAILABILITY APPROACHES FOR NETWORKING Hybrid connectivity AWS Partner Network (APN) AWS GovCloud Hardware VPN Connect...

BadNetwork Misconfiguration 1: Unnecessary Service Exposure Misconfiguration 2: Soft Center Misconfiguration 3: Bad Failover Misconfiguration 4: Typo in Security Gro...

cloud governance on AWS overview value of the NIST CSF NIST CSF NIST CSF use case with identity The organizational context: AWS Cl...

Session Manager session Session document schema 赋予System Manager 对实例可执行操作的权限： 0. setup 1. 修改 instance profile 和加裝 ssm agent ...

AWS Plan AWS Plan 4 plan Basic Support included for all AWS customers All plans, including Basic Support, provide 24/7 access to customer service, AWS document...

SQS - Amazon Simple Queue Service short and long polling use case Loose coupling with SQS short polling behavior Visibility t...

SNS - Amazon simple notification service architecture overall massage persistency use case SNS - Amazon simple notification service architectu...

Service Control Policies (SCPs) basic Testing effects of SCPs Maximum size of SCPs Inheritance of SCPs in the OU hierarchy Effects on permissions Using a...

[toc] SCPs Template General Example Example: Deny access to AWS based on the requested AWS Region This SCP denies access to any operations outside of the specified Regions. ...