VPC:
Egress-only internet gateways:
- Allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances.
* To enable outbound-only internet communication over IPv4, use a NAT gateway instead.
NAT gateway:
- You cannot route traffic to a NAT gateway through a VPC peering connection, a Site-to-Site VPN connection, or AWS Direct Connect. A NAT gateway cannot be used by resources on the other side of these connections.
VPC Flow log
You can create a flow log for a VPC, a subnet, or a network interface. If you create a flow log for a subnet or VPC, each network interface in that subnet or VPC is monitored.
Log format: <version> <account-id> <interface-id> <srcaddr> <dstaddr> <srcport> <dstport> <protocol> <packets> <bytes> <start> <end> <action> <log-status>
VPC endpoint services (AWS PrivateLink)
Create your own application in your VPC and configure it as an AWS PrivateLink-powered service (referred to as an endpoint service). Other AWS principals can create a connection from their VPC to your endpoint service using an interface VPC endpoint.
Routing
VPC peering connection route contains Target as pcx-xxxxxx.
VPN connection / Direct Connect connection route contains Target as vgw-xxxxxx.
Gateway endpoint route contains Destination as the prefix list ID of the service (pl-xxxxxxxx) and Target as the endpoint ID (vpce-xxxxxxxx).

Redis: supports both replication and clustering