[ ] internal/private – Allow all internal traffic on the VPC
[ ] external/office – open only port 3456 (or some other random port number) using the SSH protocol
[ ] Public subnet (a. 10.0.0.0 b. 10.0.2.0)
[ ] To test that a public subnet is connected to the internet gateway, spin up an EC2 instance – call this the jumpbox. To test, run curl 8.8.8.8. Keep this EC2 instance active.
[ ] Attach the external/office security group to this jumpbox.
[ ] Private subnet (a. 10.0.1.0 b. 10.0.3.0) – Make sure the private subnets cover at least two availability zones (AZs); otherwise RDS deployment will not be possible.
[ ] Routing tables
[ ] Attach a NAT Gateway to the VPC
[ ] Test:
[ ] Connection to internet:
[ ] To test that a private subnet is set up correctly, spin up an EC2 instance.
[ ] Connect this to the private security group
[ ] Run curl 8.8.8.8 to test whether the outside internet is accessible, and check that the curl succeeds. Also run something like yum install emacs to confirm that installs work and the outside internet is reachable. Note the IP address of this EC2 instance.
[ ] Access to internal traffic:
[ ] Do a curl from the jumpbox to this EC2 instance on the private subnet, using the noted internal IP address.
[x] internal/private – Allow all internal traffic on the VPC
[x] external/office – open only port 3456 (or some other random port number) using the SSH protocol
[x] Public subnet (a. 10.0.0.0 b. 10.0.2.0)
[x] To test that a public subnet is connected to the internet gateway, spin up an EC2 instance – call this the jumpbox. To test, run curl 8.8.8.8. Keep this EC2 instance active.
[x] Attach the external/office security group to this jumpbox.
[x] Private subnet (a. 10.0.1.0 b. 10.0.3.0) – Make sure the private subnets cover at least two availability zones (AZs); otherwise RDS deployment will not be possible.
[x] Routing tables
[x] Attach a NAT Gateway to the VPC
[ ] Test:
[x] Connection to internet:
[x] To test that a private subnet is set up correctly, spin up an EC2 instance.
[x] Connect this to the private security group
[ ] Run curl 8.8.8.8 to test whether the outside internet is accessible, and check that the curl succeeds. Also run something like yum install emacs to confirm that installs work and the outside internet is reachable. Note the IP address of this EC2 instance.
[x] Access to internal traffic:
[x] Do a curl from the jumpbox to this EC2 instance on the private subnet, using the noted internal IP address.
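
The checklist's layout rules can be checked on paper before anything is deployed. The audit below is an added example, not part of the original checklist; the plan's dictionary shape, the /16 and /24 prefix lengths, the AZ names and the office source range are assumptions (the page gives only the subnet base addresses and port 3456).

```python
import ipaddress

# Constructed sample plan (assumed shape, not AWS API output).
PLAN = {
    "vpc_cidr": "10.0.0.0/16",
    "subnets": [
        {"cidr": "10.0.0.0/24", "az": "az-a", "tier": "public", "default_route": "igw"},
        {"cidr": "10.0.2.0/24", "az": "az-b", "tier": "public", "default_route": "igw"},
        {"cidr": "10.0.1.0/24", "az": "az-a", "tier": "private", "default_route": "nat"},
        {"cidr": "10.0.3.0/24", "az": "az-b", "tier": "private", "default_route": "nat"},
    ],
    "security_groups": {
        "internal": [{"source": "10.0.0.0/16", "ports": "all"}],
        # 203.0.113.0/24 is a documentation range standing in for the office network.
        "office": [{"source": "203.0.113.0/24", "ports": [3456]}],
    },
}

def audit(plan):
    """Return a list of findings; an empty list means the plan matches the checklist."""
    findings = []
    vpc = ipaddress.ip_network(plan["vpc_cidr"])
    nets = [(ipaddress.ip_network(s["cidr"]), s) for s in plan["subnets"]]
    for i, (net, s) in enumerate(nets):
        if not net.subnet_of(vpc):
            findings.append(f"{net} is outside the VPC range")
        if any(net.overlaps(other) for other, _ in nets[i + 1:]):
            findings.append(f"{net} overlaps another subnet")
        # Public subnets leave through the internet gateway, private ones through NAT.
        want = "igw" if s["tier"] == "public" else "nat"
        if s["default_route"] != want:
            findings.append(f"{net} ({s['tier']}) default route is {s['default_route']}, expected {want}")
    private_azs = {s["az"] for _, s in nets if s["tier"] == "private"}
    if len(private_azs) < 2:
        findings.append("private subnets cover fewer than two AZs (RDS needs two)")
    for rule in plan["security_groups"]["internal"]:
        if not ipaddress.ip_network(rule["source"]).subnet_of(vpc):
            findings.append(f"internal group admits non-VPC source {rule['source']}")
    for rule in plan["security_groups"]["office"]:
        if rule["ports"] == "all" or len(rule["ports"]) != 1:
            findings.append("office group must expose exactly one port")
        # Assumption: the office group should be limited to an office range.
        if ipaddress.ip_network(rule["source"]).prefixlen == 0:
            findings.append("office group is open to the whole internet")
    return findings
```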