virtualization:cloud:aws

Differences

This shows you the differences between two versions of the page.

virtualization:cloud:aws [2023/10/23 05:03] – jotasandoku
virtualization:cloud:aws [2025/03/25 14:58] (current) – jotasandoku
Line 26: Line 26:
  
 SIMPLER SETUP. remove credentials when done and set them up again when start working: SIMPLER SETUP. remove credentials when done and set them up again when start working:
-  # or just keep credentials but gran/revoke policies during works : https://us-east-1.console.aws.amazon.com/iamv2/home?region=us-east-1#/groups/details/gr2?section=permissions+  # or just keep credentials but gran/revoke 'AdministratorAccess' policy during works : ย 
 +  # https://us-east-1.console.aws.amazon.com/iamv2/home?region=us-east-1#/groups/details/gr2?section=permissions
   rm /home/pi/.aws/credentials*   rm /home/pi/.aws/credentials*
   aws configure    aws configure 
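Review bot: the reworded comment still reads "gran/revoke" (should be "grant/revoke"), and the workflow it describes, keeping a long-lived access key in /home/pi/.aws/credentials and attaching/detaching 'AdministratorAccess' on group gr2 between work sessions, leaves two gaps the surrounding lines do not close. First, `rm /home/pi/.aws/credentials*` deletes only the local copy; the access key stays valid in IAM until it is set Inactive or deleted (for example `aws iam update-access-key --access-key-id <id> --status Inactive`), so anyone who copied the file earlier can keep using it. Second, 'AdministratorAccess' is the broadest AWS managed policy, so the toggle grants full-account rights for the whole session rather than the permissions the task needs. Suggest changing the comment to recommend short-lived credentials instead (an MFA-protected `aws sts assume-role` / `aws sts get-session-token`, or `aws configure sso`), and, if the policy toggle stays, toggling a task-scoped policy rather than 'AdministratorAccess'.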
Line 114: Line 115:
     * An example, rtb for a vpc endpoint: destination: pl-7ba54012(com.amazonaws.us-est-2.s3) (this represents the subnet of the service) + target: vpce-aa852c     * An example, rtb for a vpc endpoint: destination: pl-7ba54012(com.amazonaws.us-est-2.s3) (this represents the subnet of the service) + target: vpce-aa852c
       * vrf ~= multiple rts/subnets. Which is not ๐Ÿ’ฏ true because different subnets/rts can talk to each other by default       * vrf ~= multiple rts/subnets. Which is not ๐Ÿ’ฏ true because different subnets/rts can talk to each other by default
 +    * VIRTUAL PRIVATE GATEWAY [vpw]: AWS network service component that serves as the AWS-side endpoint for connecting external networks to a VPC. (can be used with dx or s2s vpn).
 +    * AWS GLOBAL ACCELERATOR: For those applications that cannot use DNS for optimally routing; Traffic hits an Anycast address and then goes through AWS internal network. AWS internal network uses public IP space. Your endpoint needs to have public IP, eg ALB or NLB; Another use case is the ''accelerated VPN'' where we use the nearest global accelerator edge-location so it traverses the internal AWS network (instead of Internet) on its route to the remote VPC.
  
  
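Review bot: two corrections to the added bullets. The abbreviation "[vpw]" for virtual private gateway should be "[vgw]" (the resource IDs are vgw-..., matching the "vpce-" style used in the endpoint example above; that example's "us-est-2" is also a typo for "us-east-2"). The "accelerated VPN" use case listed under AWS Global Accelerator conflicts with the VGW bullet's "can be used with dx or s2s vpn": an accelerated Site-to-Site VPN is only supported for VPN connections attached to a transit gateway, not to a virtual private gateway, so the note should say so or a reader will try to enable acceleration on a VGW-terminated tunnel. Also, "Your endpoint needs to have public IP, eg ALB or NLB" is stricter than the service is today: Global Accelerator also accepts internal ALBs and private EC2 instances as endpoints; what is public is the pair of static anycast IPs the accelerator hands out, which is what clients connect to.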
Line 295: Line 298:
     *  Is rspan with VXLAN udp-4789 as transport. Target doesn't need to filter vxlan but we need to consider the 60B added by vxlan so we don't get over the mtu.     *  Is rspan with VXLAN udp-4789 as transport. Target doesn't need to filter vxlan but we need to consider the 60B added by vxlan so we don't get over the mtu.
     * In reality the nitro nic (hypervisor's smart nic) does acl does sg does rspan and cloudwatch metrics(review this))     * In reality the nitro nic (hypervisor's smart nic) does acl does sg does rspan and cloudwatch metrics(review this))
- 
----- 
-Aws global accelerator: 
-for those applications that cannot spell dns. \\ 
-Traffic hits an Anycast address and then goes through Aws internal network.\\  
-Aws internal network uses public space.\\ 
-Your endpoint needs to have public IP, eg alb or nlb 
  
 ---- ----
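Review bot: the deletion is a straight move (the same Global Accelerator notes now sit under the Line 114 hunk with the "cannot spell dns" wording corrected), so nothing is lost; the one figure worth double-checking in the retained context is the VXLAN overhead on the first context line: VXLAN over IPv4 adds 50 bytes (14 B outer Ethernet + 20 B IPv4 + 8 B UDP + 8 B VXLAN) and 70 B over IPv6, so "60B" is wrong for both cases; set the mirror target's MTU with the right figure in mind, otherwise the encapsulated copy of a full-size packet will not arrive intact.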
virtualization/cloud/aws.1698037384.txt.gz · Last modified: (external edit)