New Training: Network for Management and Private Traffic

In this 8-video skill, CBT Nuggets trainer Bart Castle teaches how to work with private network traffic in AWS Virtual Private Clouds (VPCs). Learn how to configure network address translation (NAT) services and how to provision a management network and administrative jump boxes to enable secure SSH or RDC-based access for administrators. Watch this new AWS training.

Learn AWS with one of these courses:

• AWS Certified Security – Specialty

• AWS Certified Solutions Architect – Associate

• AWS Certified SysOps Administrator – Associate

This training includes:

• 8 videos

• 46 minutes of training

You’ll learn these topics in this skill:

• Private Database: Private Subnet

• Private Database: NAT Gateway Deployment

• Private Database: Creating a Security Group

• Management Network

• Management Network: SSH JumpBox

• Management Network: Bridge ENIs

• Management Network: Testing ENI

• Management Network: SSH Connection Test

What is a Security Group?

Virtual private cloud Security Groups control inbound and outbound traffic at the instance level, much as Access Control Lists (ACLs) control traffic at the subnet level. Each instance may be assigned up to 5 security groups, and each instance in a subnet could be assigned to a different set of security groups.

Each security group follows one set of rules for inbound traffic and a separate set for outbound traffic. The default security group allows all outbound traffic and inbound traffic from instances assigned to the same security group only. In other words, if you want to restrict outbound traffic, or if you want to allow inbound traffic from network interfaces outside your security group, you will need to change the rules.

Security rules are a useful way to establish consistent traffic flow rules for similar instances across different subnets.