VPC Peering

vpc peering - sign right icon 1 150x150 - VPC PeeringAllows you to connect one VPC with another via a direct network route using private IP addresses.

vpc peering - sign right icon 1 150x150 - VPC PeeringInstances behave as if they were on the same private network.

vpc peering - sign right icon 1 150x150 - VPC Peering You can peer VPC’s with other AWS accounts as well as with other VPCs in the same account.

vpc peering - sign right icon 1 150x150 - VPC Peering Peering is in a star configuration,i e 1 central VPC peers with 4 others.NO TRANSITIVE PEERING!!!

  • Peeringisinastarconfiguration,ie1centralVPCpeerswith4others.NOTRANSITIVE PEERING!!!

VPC Flow log Creation:

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.Flow log data is stored using Amazon Cloud Watch Logs.After you’ve created a flow log,you can view and retrieve its data in Amazon Cloud Watch Logs.

  1. To enable the VPC Flow Log,Select the VPC and navigate to Create Flow Log under Actions.
VPC Peering vpc peering - 259 - VPC Peering

For AWS Support  9160565554

Send Enquiries : sales@fgrade.com 

2. Before creating the Flow Log on VPc,We need to Create log Group in cloud watch.Navigate to cloud watch and select the Logs option and select the create log group option.

VPC Peering vpc peering - 260 - VPC Peering

3. Select the Log group and Create a Log Stream as shown in below image

VPC Peering vpc peering - 261 - VPC Peering
VPC Peering vpc peering - 262 - VPC Peering

4. Now navigate back to VPC and create a Flow Log.

VPC Peering vpc peering - 263 - VPC Peering

5. Select the Filter and choose what traffic(All/Accept/Reject)you want to gets in Log.

6. Create a new IAM role to perform the task on behalf of us.Click on Setup Permissions option and it’ll navigate a new tab and select allow

VPC Peering vpc peering - 264 - VPC Peering

7. Select the newly created Log Group in Cloud Watch,and all the traffic will be logged into Cloud Watch Logs under Log stream

VPC Cleanup:

When you delete the VPC,Automatically all the resources attached to the VPC also deletes.As mentioned below image,Subnets,Security groups,Network ACLs,internet Gateways,Route tables etc will delete along with VPC.

VPC Peering vpc peering - 265 - VPC Peering

Bastion host:

Bastion hosts are instances that sit within our public subnet and are typically accessed using SSH or RDP.Once remote connectivity has been established with the bastion host,it then acts as a ‘jump’ server,allowing you to use SSH or RDP to login to other instances(with in private subnets)deeper within your VPC. When properly configured through the use of security groups and Network ACLs (NACLs),the bastion essentially acts as a bridge to your private instances via the internet.