Chapter 5
Creating a VPC
Section 4
Securing Your VPC
Relying solely on Security Groups for our firewall increases the likelihood that an accidental misconfiguration could leave our databases and other private resources exposed to hackers. Best security practice mandates that we should backup our security groups with an additional layer of security. - Network ACLS provide an additional security layer at the subnet boundary - Bastion Instances can be configured to allow SSH or RDP to private instances - Our NACLs and Security Groups can be configured to allow connections through a Bastion