Networking Notes

AWS Environment Configuration

  1. VPC Configuration
    • Region: us-east-1
    • IPv4 CIDR: 172.31.0.0/16
    • DNS Hostnames and Resolution: Enabled
  2. Route Tables
    • Route tables are configured to manage network traffic within the VPC efficiently.
  3. Internet Gateway
    • An internet gateway is attached to the VPC to allow internet access.
  4. Network ACLs
    • Network ACLs are set up to provide an additional layer of security by controlling inbound and outbound traffic at the subnet level.
  5. DNS Firewall Domain Lists
    • AWS managed domain lists are used to enhance security against known threats.
  6. S3 Configuration
    • Primary Website Bucket
      • Versioning: Enabled
      • Default Encryption: Enabled
      • Static Website Hosting: Enabled
    • Redirection Bucket
      • Static Website Hosting: Redirect to CloudFront distribution
    • Logging Bucket
      • Dedicated for storing logs, with strict access controls.
    • Permissions
      • Bucket policies and ACLs are configured to ensure appropriate access controls and security.
  7. AWS Certificate Manager
    • Certificate Details
      • Certificates are used to secure communications for the website, supporting multiple domain names.
  8. CloudFront Configuration
    • CloudFront distribution is set up for content delivery with SSL/TLS certificates and WAF protection enabled.
  9. Route 53 Configuration
    • DNS Records
      • DNS records are configured to route traffic efficiently to CloudFront distributions.
  10. IAM Configuration
    • IAM Users and Groups
      • IAM policies and roles are configured to follow the principle of least privilege, ensuring secure access management.
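
The S3 baseline in item 6 can be checked for drift with a short audit. The following is an added example, not part of the original notes: the inputs are constructed dicts shaped like boto3 `get_bucket_versioning`, `get_bucket_encryption`, `get_bucket_website` and `get_public_access_block` responses. The bucket names, the CloudFront hostname, the role labels, and the reading of "strict access controls" as all four public access block flags are assumptions.

```python
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

def default_encrypted(enc):
    """True if any rule sets a default server-side encryption algorithm."""
    rules = enc.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    return any(r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
               for r in rules)

def audit_bucket(name, role, cfg, cdn_host):
    """Return drift findings for one bucket, according to its role in the notes."""
    out, site = [], cfg.get("website", {})
    if role == "primary":
        # A never-versioned bucket has no Status key; a paused one is "Suspended".
        if cfg.get("versioning", {}).get("Status") != "Enabled":
            out.append(f"{name}: versioning not enabled")
        if not default_encrypted(cfg.get("encryption", {})):
            out.append(f"{name}: no default encryption")
        if "IndexDocument" not in site:
            out.append(f"{name}: static website hosting not enabled")
    elif role == "redirect":
        if site.get("RedirectAllRequestsTo", {}).get("HostName") != cdn_host:
            out.append(f"{name}: does not redirect to {cdn_host}")
    elif role == "logging":
        # Assumption: "strict access controls" includes all four flags being on.
        pab = cfg.get("public_access_block", {}).get("PublicAccessBlockConfiguration", {})
        off = [k for k in PAB_KEYS if not pab.get(k)]
        if off:
            out.append(f"{name}: public access block off: {', '.join(off)}")
    return out

# Constructed sample; bucket names and the CloudFront hostname are placeholders.
CDN_HOST = "dexample.cloudfront.net"
SAMPLE = {
    ("example-site", "primary"): {
        "versioning": {"Status": "Suspended"},
        "encryption": {"ServerSideEncryptionConfiguration": {"Rules": [
            {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}},
        "website": {"IndexDocument": {"Suffix": "index.html"}}},
    ("www.example-site", "redirect"): {
        "website": {"RedirectAllRequestsTo": {"HostName": CDN_HOST, "Protocol": "https"}}},
    ("example-site-logs", "logging"): {
        "public_access_block": {"PublicAccessBlockConfiguration": {
            "BlockPublicAcls": True, "IgnorePublicAcls": True,
            "BlockPublicPolicy": True, "RestrictPublicBuckets": False}}},
}

def audit_all(sample=SAMPLE, cdn_host=CDN_HOST):
    return [f for (n, r), c in sample.items() for f in audit_bucket(n, r, c, cdn_host)]
if __name__ == "__main__":
    print("\n".join(audit_all()))
```

In a live account the same dicts would come from the corresponding boto3 calls, which raise a `ClientError` rather than returning an empty result when no encryption, website or public access block configuration exists.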