VPC Networking: Designing a Software Defined Data Center on AWS

Introduction

• Designing a software-defined data center at AWS
• What you should know
• H+Sports use case

1. VPC Architecture

• Defining the VPC
• Deep dive: Packet flow
• AWS regions
• AWS Availability Zones
• Availability Zone considerations
• AWS costs
• AWS Regions and Availability Zones
• Planning for fault tolerance, and high-availability

2. Creating VPCs

• VPC design choices
• Create a VPC
• The default VPC

3. Creating Subnets

• Reasons to create subnets
• Creating subnets
• Route tables
• The master route table
• Custom route table

4. IP Addressing

• Public and private IP addresses
• Order an Elastic IP address
• Hosting public IP addresses at AWS
• Order BYOIP

5. VPC Security

• VPC security options
• Security groups
• Security group design
• Create a custom network ACL
• Network ACLs
• Create security groups
• Designing packet flow with security groups

6. VPC Public Connectivity

• Internet gateway services
• Order and configure an internet gateway
• Egress-only internet gateway
• Add an Egress-only internet gateway
• NAT services
• Adding NAT services

7. VPC Private Connectivity

• VPC peering
• Peering VPCs together
• Sharing VPC resources
• Sharing resources with RAM
• Private endpoints
• Gateway and interface endpoints
• VPN connections

8. VPC Compliance

• Monitoring with Flow Logs
• Create flow logs
• Controlling access with IAM roles
• Creating IAM roles for cross-account access
• Dedicated tenancy VPC
• Creating a dedicated tenancy VPC
• VPC soft limits
• Requesting a service limit increase
• Using automation for compliance
• Deploying a network stack with CloudFormation

Conclusion

• Next steps