https://wiki.quizz.vn/ 2026-04-15T18:11:46+00:00 https://wiki.quizz.vn/ https://wiki.quizz.vn/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2025-12-28T07:05:38+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:elb&rev=1766905538&do=diff Elastic Load Balancing (ELB) What it is: A service that distributes incoming traffic across multiple targets (instances, IPs, containers). What it’s for: * High availability and better performance. * Health checks and automatic routing away from unhealthy targets. text/html 2025-12-28T07:00:26+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:internet-gateway&rev=1766905226&do=diff Internet Gateway (IGW) What it is: A VPC component that enables internet connectivity for resources in public subnets. What it’s for: * Allow inbound/outbound internet traffic for resources that are designed to be public. Key ideas: * IGW is attached to a VPC. text/html 2025-12-28T07:01:37+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:nacl&rev=1766905297&do=diff Network ACL (NACL) What it is: A stateless firewall that controls traffic at the subnet level. What it’s for: * Add an extra layer of subnet-level allow/deny rules. * Block specific IP ranges broadly (when needed). Key ideas: * Stateless text/html 2025-12-28T07:00:46+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:nat-gateway&rev=1766905246&do=diff NAT Gateway What it is: A managed Network Address Translation service that lets instances in private subnets access the internet outbound. What it’s for: * Allow private instances to download updates, call external APIs, etc. * Prevent inbound internet connections to those private instances. text/html 2025-12-28T06:59:45+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:private-subnet&rev=1766905185&do=diff Private Subnet What it is: A subnet that does not have a direct route to the Internet Gateway. What it’s for: * Host internal resources like databases, app servers, internal services. * Reduce attack surface. Common pattern: * Private subnet route table may include `0.0.0.0/0 → NAT Gateway` for outbound internet (updates, package installs). text/html 2025-12-28T06:59:26+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:public-subnet&rev=1766905166&do=diff Public Subnet What it is: A subnet where resources can reach the internet directly via an Internet Gateway route. What it’s for: * Host internet-facing resources like load balancers, bastion hosts, public web servers (when required). Requirements (typical): text/html 2025-12-28T07:00:09+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:route-table&rev=1766905209&do=diff Route Table What it is: A set of routing rules that decide where network traffic goes. What it’s for: * Send traffic to IGW, NAT, VPC endpoints, peering, etc. * Define public vs private subnets through default routes. Key ideas: * Each subnet is associated with one route table (main or custom). text/html 2025-12-28T07:02:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:route53&rev=1766905342&do=diff Route 53 (DNS) What it is: AWS’s DNS service that translates domain names to IP addresses or AWS endpoints. What it’s for: * Host and manage DNS records for domains. * Route users to the right endpoints (ALB, CloudFront, S3 website, etc.). text/html 2025-12-28T07:01:05+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:security-group&rev=1766905265&do=diff Security Group What it is: A stateful virtual firewall for instances (and some other ENIs). What it’s for: * Control inbound/outbound traffic at the resource level. * Allow only required ports/protocols (least privilege networking). Key ideas: text/html 2025-12-28T06:59:12+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:subnet&rev=1766905152&do=diff Subnet What it is: A smaller network segment inside a VPC, mapped to a single Availability Zone. What it’s for: * Organize resources by exposure level (public/private). * Spread across AZs for high availability. Key ideas: * Best practice: create at least 2 subnets in 2 AZs. text/html 2025-12-28T07:01:56+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:vpc-endpoint&rev=1766905316&do=diff VPC Endpoint What it is: A private connection between your VPC and supported AWS services without using the public internet. What it’s for: * Access services like S3/DynamoDB privately (improved security). * Avoid NAT costs for S3/DynamoDB traffic (common optimization). text/html 2025-12-28T06:58:47+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.quizz.vn/doku.php?id=aws:network:vpc&rev=1766905127&do=diff VPC (Virtual Private Cloud) What it is: A logically isolated network in AWS where you launch resources (EC2, RDS, EKS nodes, etc.). What it’s for: * Control IP ranges, subnets, routing, and firewall rules. * Separate public-facing resources from private/internal resources.