-
Security in VPC
updated 2 weeks, 6 days ago
2 Members
·
5
Posts
-
Good day to you
When it comes to the VPC, which AWS Services, can be used to protect VPC? Exam questions for SAA – C03 seem to have many cases presented to you, with a combination of AWS Services which are in relation to Security.
Then AWS seem to test us, mixing the questions related to Security and ALB a lot too.
Hence, the question
By the way, I have been posting questions at Slack, dojo, since Monday the 02nd of April 2024. DOJO has not responded so far?
Kind Regards
Denzil
-
Hi Denzil,
Thank you for posting here.
To my knowledge, these are the few AWS services that can be used to protect resources running within a VPC:
-
Security Groups—Security groups act as virtual firewalls and allow you to control inbound and outbound traffic to EC2 instances within a VPC.
-
Network ACLs are similar to security groups but applied at the subnet level instead of the instance level. They allow you to control traffic that enters or leaves a subnet.
-
AWS Network Firewall – This managed firewall service provides capabilities like stateful packet inspection, intrusion prevention, and web filtering. It allows you to manage firewall rules across multiple VPCs and subnets centrally.
-
VPC Endpoints – By creating interface or gateway endpoints, resources within the VPC can securely access other AWS services privately without an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. This eliminates potential security risks of public internet access.
As for your concern regarding your post on Slack, I apologize for being unable to respond to your queries. We will reply to your queries as soon as we can.
Thank you for understanding.
Regards,
Neil @ Tutorials Dojo-
Hello Neil,
Thank you for that.
However, when it comes to VPC, in which way can a VPC be protected?
As regards to (1) and (2), which one is the most secured AWS Service?
Well, the questions which I did post are dating back to 01st of April 2024, in here (TD) as well as Slack. Prior to Easter, the answers were prompt. 🙂
By the way, in relation to SAA C03 Practice Exams, when can we expect an update?
Kind Regards,
Denzil
-
Hi Denzil,
Since a VPC serves as a secure and isolated environment within your AWS account, ensuring its protection is paramount to safeguarding your resources and data. Thus, my answer above. You can check this AWS documentation to get more of an idea of what Amazon VPC is https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html
Regarding which of Network ACLs(2), and Security Groups(1) are more secure, both Security Groups and Network ACLs play crucial roles in securing a VPC, but they operate at different levels. Security Groups offer instance-level control as virtual firewalls, while Network ACLs operate at the subnet level. Neither is inherently more secure; they complement each other. For finer control, use Security Groups. For broader control, use Network ACLs. Combining both enhances VPC security.
Regarding updates to the SAA C03 Practice Exams, we are constantly working to improve and update our content to provide the most relevant and up-to-date resources for our users. Rest assured that we are actively working on it.
Thank you.
Regards,
Neil @ Tutorials Dojo
-
-
-
Hello Neil,
Thank you for that.
Kind Regards,
Dnzil
Log in to reply.