Advanced Networking in AWS for DevOps Engineers Flashcards
AWS DevOps Engineer Professional DOP-C02 Flashcards
| Front | Back |
| --- | --- |
| AWS Global Accelerator | A networking service that improves the availability and performance of applications with global users by utilizing static IP addresses and accelerating traffic via AWS edge locations |
| AWS Network Firewall | A managed service offering stateful and stateless inspection, intrusion prevention, and filtering for network traffic |
| AWS Private DNS | Enables private resolution of DNS names in resources within your VPC |
| AWS WAF (Web Application Firewall) | A managed service that protects web applications by controlling inbound and outbound traffic based on customizable security rules |
| Bastion Host in AWS Networking | A hardened remote access server within a public subnet designed to enable administrative access to instances within a private subnet |
| Classic Load Balancer vs Application Load Balancer | Classic Load Balancer operates at Layer 4 (TCP), while Application Load Balancer operates at Layer 7 (HTTP/HTTPS) |
| Cross-Region VPC Peering | Allows VPC peering connections between VPCs located in different AWS regions |
| Difference between VPC peering and Transit Gateway | VPC peering is direct one-to-one communication while Transit Gateway acts as a centralized hub for multiple VPCs and networks |
| Direct Connect Gateway | Facilitates communication between AWS Direct Connect connections and multiple VPCs spread across different regions |
| DNS failover with Route 53 | A mechanism in Route 53 to route traffic to a backup resource when the primary resource becomes unhealthy |
| Egress-only Internet Gateway | A horizontally scaled, redundant, and highly available VPC component that allows outbound internet access for IPv6 resources |
| Elastic IP | A static IPv4 address designed for dynamic cloud computing, allowing the reassociation of IPs between resources |
| Elastic Load Balancer (ELB) Cross-Zone Load Balancing | Distributes traffic evenly across all registered instances in multiple availability zones |
| Elastic Network Interface | A virtual network interface attached to an instance that enables network communication within a VPC |
| Gateway Load Balancer | A load balancer that helps deploy, scale, and manage third-party virtual appliances seamlessly in your VPC |
| Hybrid Connectivity Options in AWS | Includes VPN, AWS Direct Connect, and Transit Gateway for connecting on-premises environments to AWS |
| Network ACLs | Stateless network firewalls at the subnet level that provide an additional layer of security |
| Network Address Translation (NAT) | A method to map private IP addresses to public IP addresses for outbound internet access |
| Peering Connection Limits | AWS-imposed limits specifying the number of peering connections allowed per VPC |
| PrivateLink | A service for securely establishing a private connection between VPCs and AWS services without exposing them to the internet |
| Resource Access Manager (RAM) | A service enabling secure resource sharing across AWS accounts or within AWS Organizations |
| Route 53 | AWS's DNS service capable of domain registration, routing internet traffic, and health checks for resources |
| Route 53 health checks | A feature ensuring that Route 53 routes traffic to healthy endpoints by monitoring the health of resources |
| Security Groups | Virtual firewalls at the instance level that control inbound and outbound traffic based on rules |
| Service Control Policy in Networking | AWS Organizations' policy to restrict networking actions across accounts or resources |
| Split-Horizon DNS with Route 53 | A design using Route 53 to route traffic to different IP addresses based on the requester’s location |
| Static vs Dynamic Routing in AWS Networking | Static routing relies on manually defined routes whereas dynamic routing adapts based on network changes using routing protocols |
| Transit Gateway | A central hub that connects multiple VPCs, on-premises networks, and AWS services for simplified and scalable networking |
| Transit Gateway Multicast | Enables multicast traffic delivery across VPCs by leveraging the Transit Gateway for efficient group communication |
| Transit Gateway routing tables | Virtual tables used to define how Transit Gateway will route traffic between attached resources |
| Transit Gateway vs Direct Connect | Transit Gateway integrates multiple networks via AWS, while Direct Connect provides a dedicated physical connection between on-premises data centers and AWS |
| VPC Endpoints | Allows secure, scalable private connectivity to AWS services without requiring an internet gateway or NAT device |
| VPC Flow Logs | Logging feature tracking the IP traffic within VPCs for monitoring and network troubleshooting |
| VPC peering | A networking connection between two VPCs that allows traffic exchange privately without the need for a gateway or VPN connection |
| VPN Gateway | A virtual device enabling secure connection between an AWS environment and an on-premises network |
This deck delves into advanced networking concepts, such as VPC peering, Transit Gateway, Route 53, and network security strategies relevant to DevOps.