Create and configure Network Access Control Lists
- [Narrator] Before we dive in and configure a NACL, let's take a look at a picture to visualize the environment we're working in. Let's take a peek at this simplified diagram. Here we have the Tokyo VPC and its subnets on the left-hand side of the screen. The right side of the screen shows the Frankfurt VPC and its subnet. There's my laptop down in the lower right corner, out in the wilds of the internet. In Frankfurt, there's a single EC2 instance. Over in Tokyo, we can see the public and private EC2 instances, as well as the NAT Gateway which the private instance uses to access the internet.
The security group attached to the instance in Frankfurt allows access from my laptop, the public IP of the NAT Gateway, and the public IP of the instance in Tokyo. The security group attached to the Tokyo public instance also accepts traffic from my laptop. The only way for me to get to the private instance in Tokyo is by going through the instance in the Tokyo public subnet. Right now, the Tokyo private instance can reach out to Frankfurt via the NAT Gateway.
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
This course includes trademarks owned by Amazon Web Services. This course has not been prepared, approved, or endorsed by Amazon Web Services.
- Exploring Virtual Private Cloud (VPC)
- Configuring subnets, route tables, and gateways
- Working with access control lists (ACLs)
- Maintaining network security
- Implementing VPC peering and peer routing
- Using Route 53
- Managing a private DNS