20. Exercise: Networking In AWS


Networking In AWS

We've seen the many networking options that are available in AWS. These options provide flexibility and also support important business needs, such as security and network architecture best practices.

In this exercise, you will use some of the more advanced networking options to create a subnet whose resources can access the Internet but are not directly accessible from the Internet. This configuration places resources an additional layer deeper within your network. Security has a concept referred to as "defense in depth," which promotes multiple layers of defense so that a compromise of any one layer does not expose important assets.

Using the "Launch VPC Wizard", create a new VPC. Select the "VPC with a Single Public Subnet" option, name the VPC "Udacity-NAT-Exercise", keep the default options, and create the VPC.

NAT Gateway And Route Table

Create a NAT Gateway in the new public subnet that was just created. Select the route table in the new VPC that is not associated with the public subnet and update it to include a default route that targets the new NAT Gateway. Then create a new subnet in your new VPC and have that subnet use your modified route table.
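To confirm the finished layout, the check below (an added example, not part of the original exercise) classifies each subnet by the default route of the route table it actually uses, including the fallback to the main table when a subnet has no explicit association. The input mirrors the JSON shape returned by `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways`; every ID and CIDR in it is a constructed sample value.

```python
# Added example: verify the public/private split produced by the exercise.
# Input mirrors the output shape of describe-route-tables / describe-nat-gateways.
# All IDs and CIDRs are constructed sample values, not taken from a real account.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",  # wizard's table, explicitly tied to the public subnet
     "Associations": [{"Main": False, "SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-main",  # main table, edited to default-route via the NAT Gateway
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public"}]


def effective_table(subnet_id, tables):
    """An explicit association wins; otherwise the subnet uses the main table."""
    for t in tables:
        if any(a.get("SubnetId") == subnet_id for a in t["Associations"]):
            return t
    return next(t for t in tables if any(a.get("Main") for a in t["Associations"]))


def classify(subnet_id, tables):
    """Return 'public', 'private-nat' or 'isolated' from the 0.0.0.0/0 route target."""
    for r in effective_table(subnet_id, tables)["Routes"]:
        # A blackhole route (for example, a deleted NAT Gateway) carries no traffic.
        if r.get("DestinationCidrBlock") != "0.0.0.0/0" or r.get("State") == "blackhole":
            continue
        if r.get("GatewayId", "").startswith("igw-"):
            return "public"
        if r.get("NatGatewayId"):
            return "private-nat"
    return "isolated"


def check_exercise(private_subnet, tables, nat_gateways):
    """List findings; an empty list means the layout matches the exercise."""
    findings = []
    kind = classify(private_subnet, tables)
    if kind != "private-nat":
        findings.append(f"{private_subnet} is {kind}, expected private-nat")
    for nat in nat_gateways:
        if classify(nat["SubnetId"], tables) != "public":
            findings.append(f"{nat['NatGatewayId']} is not in a public subnet")
    return findings
```

A subnet that reports `public` where `private-nat` was expected is directly reachable through the Internet Gateway, which is the exposure this exercise is meant to avoid.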