Comprehensive understanding of AWS VPC including subnets, routing, security groups, NACLs, NAT gateways, and advanced networking concepts for secure and scalable network architectures.
Learners will master VPC networking concepts including designing custom network topologies, configuring subnets and routing tables, implementing security groups and NACLs, setting up internet and NAT gateways, configuring VPN connections, implementing VPC peering and Transit Gateway, and designing secure multi-tier architectures using VPC components.
Core VPC concepts including CIDR blocks, subnets, route tables, and the overall VPC networking architecture within AWS regions and availability zones.
Creating public and private subnets, understanding subnet routing, and distributing subnets across availability zones for fault tolerance.
Understanding route table associations, creating custom routes, and implementing routing policies for different subnet types and connectivity requirements.
Understanding the differences between stateful security groups and stateless NACLs, and implementing defense-in-depth security strategies.
Setting up VPC peering relationships, understanding peering limitations, and implementing cross-region VPC connectivity for distributed architectures.
Configuring Site-to-Site VPN connections, understanding Direct Connect for dedicated network connections, and implementing hybrid network architectures.
Understanding Transit Gateway architecture, route tables, and implementing hub-and-spoke network topologies for complex multi-VPC environments.
Setting up Gateway endpoints for S3 and DynamoDB, and Interface endpoints for other AWS services to maintain private connectivity and reduce data transfer costs.
Configuring VPC Flow Logs, analyzing network traffic patterns, and using flow logs for security monitoring and compliance requirements.
Configuring private hosted zones, understanding DNS resolution in a VPC, and integrating with Route 53 for internal and external domain management.
Setting up Internet Gateways for public subnet connectivity and NAT Gateways/Instances for secure outbound internet access from private subnets.
Implementing three-tier architectures with web, application, and database tiers using public and private subnets, load balancers, and appropriate security controls.