russellwjoel
commented
4 years ago VPC Setup security groups:
- [x] internal/private – Allow all internal traffic on the VPC
- [x] external/office – open up only port 3456 (or some other random number with an SSH protocol)
- [x] Public subnet (a. 10.0.0.0 b. 10.0.2.0)
- [x] To test that a public subnet is connected to the internet gateway spin up an EC2 instance – call this the jumpbox. To test do a curl 8.8.8.8. Keep this EC2 active.
- [x] Attach external office security group to this jumpbox.
- [ ] Install psql to the EC2 jumpbox : https://www.compose.com/articles/postgresql-tips-installing-the-postgresql-client/
- [x] Private subnet (a. 10.0.1.0 b. 10.0.3.0) – Make sure private subnet covers at least two availability zones (AZ’s) otherwise RDS deployment will not be possible.
- [x] Routing tables
- [x] Attach a NAT Gateway to VPC
- [ ] Test :
- [x] Connection to internet :
- [x] To test that a private subnet is setup correctly spin up an EC2 instance.
- [x] Connect this to the private security group
- [ ] Do a curl 8.8.8.8 to test if the outside internet is accessible. See that the curl results are successful. Also do something like a yum install emacs to test if installs can happen and the outside internet is reachable. Note IP address of this EC2 instance.
- [x] Access to internal traffic :
- [x] Do a curl from the jumpbox to the this EC2 instance on the private subnet to the noted internal IP address.
VPC