AWS Managed NAT
& VPC Network Troubleshooting
Managing Windows instances in the Cloud
Sponsors
Presented by Adam Book
from
Find me on LinkedIn
News Recap 2014
NAT Instances vs NAT Gateways
Comparison

Availability
  NAT Gateway: Highly available. NAT Gateways in each Availability Zone are implemented with redundancy. *
  NAT Instance: Use a script to manage failover between instances.
Bandwidth
  NAT Gateway: Supports bursts of up to 10 Gbps.
  NAT Instance: Depends on instance type and size.
Maintenance
  NAT Gateway: Managed by AWS.
  NAT Instance: Managed by you: installing software updates, system patches, etc.
Performance
  NAT Gateway: Software is optimized for handling NAT traffic.
  NAT Instance: A generic Amazon Linux AMI that's configured to perform NAT.
Cost
  NAT Gateway: Charged depending on the number of NAT gateways you use, duration of use, and amount of data sent.
  NAT Instance: Charged depending on the number of NAT instances used, duration of use, and instance size.
NAT Instances vs NAT Gateways
Comparison (continued)

Public IP addresses
  NAT Gateway: Choose the Elastic IP address to associate with the gateway during creation.
  NAT Instance: Use an Elastic IP or public IP address with a NAT instance. You can change the IP by associating a new Elastic IP address.
Security Groups
  NAT Gateway: Cannot be associated with a NAT Gateway; associate them with your resources behind the gateway.
  NAT Instance: Can be associated with the NAT instance and with the instances behind the NAT.
Flow Logs
  NAT Gateway: Use Flow Logs to capture the traffic.
  NAT Instance: Use Flow Logs to capture the traffic.
Bastion Servers
  NAT Gateway: Not supported.
  NAT Instance: A generic Amazon Linux AMI that's configured to perform NAT.
Traffic metrics
  NAT Gateway: Not supported.
  NAT Instance: View CloudWatch Metrics.
What about pricing?

Region Name                 Price per Hour ($)   Price per GB data processed ($)
US East (N. Virginia)       0.045                0.045
US West (Oregon)            0.045                0.045
US West (N. California)     0.048                0.048
EU (Ireland)                0.048                0.048
EU (Frankfurt)              0.052                0.059
Asia Pacific (Singapore)    0.059                0.059
Asia Pacific (Tokyo)        0.062                0.062
Asia Pacific (Sydney)       0.059                0.059
* Prices as of 3/21/2016
What about pricing?

Region Name                 NAT Gateway Price per Hour ($)   t2.small Price per Hour ($)
US East (N. Virginia)       0.045                            0.026
US West (Oregon)            0.045                            0.026
US West (N. California)     0.048                            0.034
EU (Ireland)                0.048                            0.028
EU (Frankfurt)              0.052                            0.03
Asia Pacific (Singapore)    0.059                            0.04
Asia Pacific (Tokyo)        0.062                            0.04
Asia Pacific (Sydney)       0.059                            0.04
* Prices as of 3/21/2016
NAT Gateway vs NAT Instance (t2.small)
Old NAT HA Architecture
Previously, in an old HA NAT architecture, one way of doing it would be to have a NAT instance in each AZ, with a script on each that checked the heartbeat of the other to monitor its status.
Creating the NAT Gateway
For more info: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-nat-gateway.html
If you would like to create your NAT Gateway via the CLI, use the following syntax:
$ aws ec2 create-nat-gateway --subnet-id subnet-1a2bc34d --region eu-west-1
Creating the NAT Gateway
To create a NAT Gateway with an EIP (Elastic IP) via the CLI, first allocate the EIP, then pass the allocation ID it returns to create-nat-gateway:
$ aws ec2 allocate-address --domain vpc --region us-west-2 --profile myprofile
{
    "PublicIp": "52.54.70.124",
    "Domain": "vpc",
    "AllocationId": "eipalloc-d1e648b5"
}
$ aws ec2 create-nat-gateway --subnet-id subnet-1a2bc34d --allocation-id eipalloc-d1e648b5 --region us-west-2 --profile myprofile
{
    "NatGateway": {
        "NatGatewayAddresses": [
            {
                "AllocationId": "eipalloc-37fc1a52"
            }
        ],
        "VpcId": "vpc-1122aabb",
        "State": "pending",
        "NatGatewayId": "nat-08d48af2a8e83edfd",
        "SubnetId": "subnet-1a2b3c4d",
        "CreateTime": "2015-12-17T12:45:26.732Z"
    }
}
The gateway starts in the "pending" state; traffic flows only once it reports "available".
Below is an example of how to create a NAT Gateway with an EIP (Elastic IP).
Creating with CloudFormation
"NAT" : {
    "DependsOn" : "VPCGatewayAttach",
    "Type" : "AWS::EC2::NatGateway",
    "Properties" : {
        "AllocationId" : { "Fn::GetAtt" : ["EIP", "AllocationId"] },
        "SubnetId" : { "Ref" : "Subnet" }
    }
},
"EIP" : {
    "Type" : "AWS::EC2::EIP",
    "Properties" : { "Domain" : "vpc" }
},
"Route" : {
    "Type" : "AWS::EC2::Route",
    "Properties" : {
        "RouteTableId" : { "Ref" : "RouteTable" },
        "DestinationCidrBlock" : "0.0.0.0/0",
        "NatGatewayId" : { "Ref" : "NAT" }
    }
}
Migrating to a NAT Gateway
Demo Time
Photo courtesy of Stephen Radford via http://snap.io
Have you ever dealt with: "My private instance can't reach the internet"?
Image by http://www.gratisography.com/
First Steps
Check to make sure the route tables for your private subnets are intact, in particular the default route that sends their traffic to the NAT.
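As an added example (not from the slides), the Python script below performs that route table check offline against data shaped like the output of `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways`: for each private subnet it verifies that an explicitly associated route table exists, that it carries a 0.0.0.0/0 route, that the route goes via a NAT gateway, that the route is active rather than blackholed, and that the gateway itself is available. The route table, subnet and NAT gateway IDs in the sample responses are constructed; feed it real `--output json` CLI output to run it against a VPC.

```python
"""Check that private subnets have a working default route via a NAT gateway.
Added example, not from the slides; sample API responses below are constructed."""
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
SAMPLE_ROUTE_TABLES = {
    "RouteTables": [
        {   # healthy: active default route to an available NAT gateway
            "RouteTableId": "rtb-private-a",
            "Associations": [{"SubnetId": "subnet-private-a", "Main": False}],
            "Routes": [
                {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa", "State": "active"},
            ],
        },
        {   # broken: the NAT gateway was deleted, so the route is blackholed
            "RouteTableId": "rtb-private-b",
            "Associations": [{"SubnetId": "subnet-private-b", "Main": False}],
            "Routes": [
                {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb", "State": "blackhole"},
            ],
        },
        {   # broken: no default route at all
            "RouteTableId": "rtb-private-c",
            "Associations": [{"SubnetId": "subnet-private-c", "Main": False}],
            "Routes": [
                {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            ],
        },
    ]
}

# Constructed sample in the shape of `aws ec2 describe-nat-gateways` output.
SAMPLE_NAT_GATEWAYS = {
    "NatGateways": [
        {"NatGatewayId": "nat-0aaa", "State": "available"},
        {"NatGatewayId": "nat-0bbb", "State": "deleted"},
    ]
}


def check_private_routes(route_tables, nat_gateways, private_subnets):
    """Return {subnet_id: description} for every private subnet whose path
    to the internet is missing or broken; an empty dict means all good."""
    nat_state = {g["NatGatewayId"]: g["State"] for g in nat_gateways["NatGateways"]}
    subnet_to_rtb = {}
    for rtb in route_tables["RouteTables"]:
        for assoc in rtb.get("Associations", []):
            if "SubnetId" in assoc:          # main-table associations carry no SubnetId
                subnet_to_rtb[assoc["SubnetId"]] = rtb

    problems = {}
    for subnet in private_subnets:
        rtb = subnet_to_rtb.get(subnet)
        if rtb is None:
            problems[subnet] = "no explicit route table association (falls back to the main table)"
            continue
        default = [r for r in rtb["Routes"] if r.get("DestinationCidrBlock") == "0.0.0.0/0"]
        if not default:
            problems[subnet] = f"{rtb['RouteTableId']}: no 0.0.0.0/0 route"
            continue
        route = default[0]
        if "NatGatewayId" not in route:
            problems[subnet] = f"{rtb['RouteTableId']}: default route does not go via a NAT gateway"
            continue
        if route.get("State") != "active":
            problems[subnet] = f"{rtb['RouteTableId']}: default route state is {route.get('State')}"
            continue
        state = nat_state.get(route["NatGatewayId"], "unknown")
        if state != "available":
            problems[subnet] = f"{route['NatGatewayId']} is {state}"
    return problems


if __name__ == "__main__":
    subnets = ["subnet-private-a", "subnet-private-b", "subnet-private-c", "subnet-private-d"]
    print(json.dumps(check_private_routes(SAMPLE_ROUTE_TABLES, SAMPLE_NAT_GATEWAYS, subnets), indent=2))
```

The check deliberately reports a subnet with no explicit association as a problem: such a subnet silently uses the main route table, which is where "it worked until someone changed the main table" outages come from.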
Tips if you are using a NAT Instance
By default the Amazon Linux instance does not have telnet installed. It does, however, have netcat (nc), which gives you instant troubleshooting abilities:
nc -z -w 3 10.0.0.22 22 &> /dev/null; echo $?
This outputs 0 if port 22 is open and 1 if it is closed.
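For a host that has neither telnet nor nc, the same reachability check can be done with a few lines of Python, as in this added example (not from the slides). It mirrors nc's exit status convention (0 when the TCP handshake completes, 1 otherwise) and, so that it runs offline, starts a throwaway loopback listener to stand in for the remote instance; the loopback addresses, ports and the 3-second timeout are assumptions.

```python
"""TCP reachability check with nc-style exit codes.
Added example, not from the slides; the loopback listener only exists so the
check can be exercised without a second instance."""
import socket
import threading


def tcp_port_open(host, port, timeout=3.0):
    """Return 0 if a TCP connection to host:port succeeds within `timeout`
    seconds, 1 if it is refused, filtered (timeout) or unresolvable."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return 0
    except OSError:          # ConnectionRefusedError, timeout, gaierror, ...
        return 1


def check_targets(targets, timeout=3.0):
    """Check a list of (host, port) pairs; returns {"host:port": 0 or 1}."""
    return {f"{host}:{port}": tcp_port_open(host, port, timeout) for host, port in targets}


def start_local_listener():
    """Listen on 127.0.0.1 on an ephemeral port and accept-and-close in the
    background; returns (server_socket, port). Close the socket to stop it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def accept_loop():
        try:
            while True:
                conn, _ = srv.accept()
                conn.close()
        except OSError:
            pass                 # listener was closed

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, port


def free_port():
    """Return a loopback port that nothing is currently listening on."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def run_self_check():
    """Exercise the check against a live listener and a closed port.
    Returns (status_for_open_port, status_for_closed_port), expected (0, 1)."""
    srv, open_port = start_local_listener()
    closed_port = free_port()
    try:
        return tcp_port_open("127.0.0.1", open_port), tcp_port_open("127.0.0.1", closed_port)
    finally:
        srv.close()


if __name__ == "__main__":
    srv, open_port = start_local_listener()
    print(check_targets([("127.0.0.1", open_port), ("127.0.0.1", free_port())]))
    srv.close()
```

A timeout (no SYN-ACK at all) and a refusal (RST) both come back as 1, exactly as with nc; when debugging a NAT path, a slow 1 usually means a security group or NACL is dropping the packets, while an instant 1 means the packets arrived and nothing is listening.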
Other ways of using netcat
Tips if you are using a NAT Instance
Try using netcat to open a listener on a port, then connect to it from your other instance using telnet:
nc -l 80
See if you can reach the outside world
Tips if you are using a NAT Instance
Try using nslookup to see if you can get out and get a response for a known DNS name:
nslookup google.com
Server: 10.0.0.2
Address: 10.0.0.2#53
Non-authoritative answer:
Name: google.com
Address: 216.58.193.78
Make sure that the source/destination check is set to FALSE on the NAT instance.
VPC Flow Logs include:
1) Information about allowed and denied traffic (based on security group and ACL rules)
2) Source and destination addresses
3) Ports and protocol number
4) Packet and byte counts
VPC Flow Logs don't include:
For more info: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html
1) Traffic to Amazon DNS servers
2) Windows license activation traffic for licenses provided by Amazon
3) Requests for instance metadata
4) DHCP requests or responses
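As an added example that is not part of the slides, the script below parses flow log records in the default (version 2) format, carrying exactly the fields listed above, and splits rejected flows into outbound ones (source inside the VPC, the "my instance can't get out" case once the route table has been ruled out) and inbound ones (something knocking on a security group from outside). The log lines, account ID, ENI IDs and the VPC CIDR 10.0.0.0/16 are constructed.

```python
"""Parse VPC Flow Log records (default v2 format) and summarise REJECTs.
Added example, not from the slides; the log lines below are constructed."""
import ipaddress
from collections import Counter, defaultdict

# Field order of the default (version 2) flow log record.
FIELDS = ["version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status"]
PROTO_NAMES = {"1": "icmp", "6": "tcp", "17": "udp"}

# Constructed sample records (not a real capture); account and ENI IDs are made up.
SAMPLE_LOG = """\
2 123456789012 eni-0aaa 10.0.1.10 93.184.216.34 40512 443 6 12 2040 1458600000 1458600060 ACCEPT OK
2 123456789012 eni-0aaa 10.0.1.10 93.184.216.34 40513 80 6 3 180 1458600000 1458600060 REJECT OK
2 123456789012 eni-0bbb 198.51.100.7 10.0.1.11 51000 22 6 1 60 1458600000 1458600060 REJECT OK
2 123456789012 eni-0bbb 198.51.100.7 10.0.1.11 51001 22 6 1 60 1458600000 1458600060 REJECT OK
2 123456789012 eni-0bbb 10.0.1.11 10.0.0.2 53211 53 17 2 140 1458600000 1458600060 ACCEPT OK
2 123456789012 eni-0ccc - - - - - - - 1458600000 1458600060 - NODATA
"""


def parse_flow_log(text):
    """Return one dict per OK record; NODATA/SKIPDATA and malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue                      # not a default-format v2 record
        rec = dict(zip(FIELDS, parts))
        if rec["log_status"] != "OK":
            continue                      # NODATA/SKIPDATA carry no flow fields
        for key in ("srcport", "dstport", "packets", "bytes", "start", "end"):
            rec[key] = int(rec[key])
        records.append(rec)
    return records


def reject_summary(records):
    """Per ENI, count rejected flows by (src, dst, proto/dstport)."""
    summary = defaultdict(Counter)
    for r in records:
        if r["action"] != "REJECT":
            continue
        proto = PROTO_NAMES.get(r["protocol"], r["protocol"])
        summary[r["interface_id"]][(r["srcaddr"], r["dstaddr"], f"{proto}/{r['dstport']}")] += 1
    return summary


def split_rejects(records, vpc_cidr):
    """Split REJECT records into (outbound, inbound) by whether the source
    address lies inside the VPC CIDR."""
    net = ipaddress.ip_network(vpc_cidr)
    outbound, inbound = [], []
    for r in records:
        if r["action"] != "REJECT":
            continue
        if ipaddress.ip_address(r["srcaddr"]) in net:
            outbound.append(r)
        else:
            inbound.append(r)
    return outbound, inbound


if __name__ == "__main__":
    recs = parse_flow_log(SAMPLE_LOG)
    out, inb = split_rejects(recs, "10.0.0.0/16")
    print(f"{len(recs)} records, {len(out)} outbound rejects, {len(inb)} inbound rejects")
    for eni, counter in reject_summary(recs).items():
        for (src, dst, svc), n in counter.most_common():
            print(f"{eni}: {src} -> {dst} {svc} rejected {n}x")
```

An outbound REJECT from a private instance means the packet reached the ENI and was dropped by a security group or NACL, so the fix is in those rules, not in routing; if there is no record at all for the flow, look at the route table and the NAT first.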
Turning on VPC Flow Logs
For more info: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html
First step: create a role that can publish to CloudWatch Logs, with the following policy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}
Turning on VPC Flow Logs
From the AWS Console:
• Go to CloudWatch
• Choose Logs
• Go to Actions
• Create Log Group
Turning on VPC Flow Logs
For more info: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html
From the AWS Console:
• Go to VPC
• Choose your VPC
• Go to Actions
• Create Flow Log
Turning on VPC Flow Logs
VPC Flow Log Limitations
• You cannot enable flow logs for network interfaces that are in the EC2-Classic platform.
• You cannot enable flow logs for VPCs that are peered with your VPC unless the peer VPC is in your account.
• You cannot tag a flow log.
• After you've created a flow log, you cannot change its configuration; for example, you can't associate a different IAM role with the flow log.
• If your network interface has multiple IP addresses and traffic is sent to a secondary private IP address, the flow log displays the primary IP address in the destination IP address field.
Questions?
Image by http://www.gratisography.com/

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 

Recently uploaded (20)

Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 

Aws meetup managed_nat

  • 1. AWS Managed NAT & VPC Network Troubleshooting. Managing Windows instances in the Cloud
  • 3. Presented by Adam Book. Find me on LinkedIn. News Recap 2014
  • 4. NAT vs NAT Gateways Comparison
     Attribute    | NAT Gateway                                                                    | NAT Instance
     Availability | Highly available. NAT Gateways in each Availability Zone are implemented with redundancy. * | Use a script to manage failover between instances
     Bandwidth    | Supports bursts of up to 10 Gbps                                              | Instance type and size dependent
     Maintenance  | Managed by AWS                                                                 | Managed by you: installing software updates, system patches etc.
     Performance  | Software is optimized for handling NAT traffic                                 | A generic Amazon Linux AMI that's configured to perform NAT
     Cost         | Charged depending on the number of NAT gateways you use, duration of use and amount of data sent | Charged depending on the number of NAT instances used, duration of use and size
  • 5. NAT vs NAT Gateways Comparison
     Attribute           | NAT Gateway                                                                  | NAT Instance
     Public IP addresses | Choose the Elastic IP address to associate with the Gateway during creation | Use an Elastic IP or public IP address with a NAT instance. You can change the IP by associating a new Elastic IP address.
     Security Groups     | Cannot be associated with a NAT Gateway; associate them with your resources behind the Gateway | Can be associated with the NAT instance and the instances behind the NAT
     Flow Logs           | Use Flow Logs to capture the traffic                                          | Use Flow Logs to capture the traffic
     Bastion Servers     | Not supported                                                                 | A generic Amazon Linux AMI that's configured to perform NAT
     Traffic metrics     | Not supported                                                                 | View CloudWatch Metrics
  • 6. What about pricing? (NAT Gateway)
     Region Name              | Price per Hour ($) | Price per GB data processed ($)
     US East (N Virginia)     | 0.045              | 0.045
     US West (Oregon)         | 0.045              | 0.045
     US West (N California)   | 0.048              | 0.048
     EU (Ireland)             | 0.048              | 0.048
     EU (Frankfurt)           | 0.052              | 0.059
     Asia Pacific (Singapore) | 0.059              | 0.059
     Asia Pacific (Tokyo)     | 0.062              | 0.062
     Asia Pacific (Sydney)    | 0.059              | 0.059
     * Prices as of 3/21/2016
  • 7. What about pricing? NAT Gateway vs NAT Instance (t2.small)
     Region Name              | NAT Gateway Price per Hour ($) | t2.small Price per Hour ($)
     US East (N Virginia)     | 0.045                          | 0.026
     US West (Oregon)         | 0.045                          | 0.026
     US West (N California)   | 0.048                          | 0.034
     EU (Ireland)             | 0.048                          | 0.028
     EU (Frankfurt)           | 0.052                          | 0.03
     Asia Pacific (Singapore) | 0.059                          | 0.04
     Asia Pacific (Tokyo)     | 0.062                          | 0.04
     Asia Pacific (Sydney)    | 0.059                          | 0.04
     * Prices as of 3/21/2016
  • 8. Old NAT HA Architecture. Previously, in an old HA NAT architecture, one way of doing it would be to have a NAT instance in each AZ and then a script on each that checked the heartbeat of the other to monitor its status.
  • 9. Creating the NAT Gateway. For more info: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-nat-gateway.html. If you would like to create your NAT Gateway via the CLI, use the following syntax:
     $ aws ec2 create-nat-gateway --subnet-id subnet-1a2bc34d --region eu-west-1
  • 10. Creating the NAT Gateway. If you would like to create your NAT Gateway via the CLI, use the following syntax (allocate the Elastic IP first, then pass its allocation ID):
     $ aws ec2 allocate-address --domain vpc --region us-west-2 --profile myprofile
     {
         "PublicIp": "52.54.70.124",
         "Domain": "vpc",
         "AllocationId": "eipalloc-d1e648b5"
     }
     $ aws ec2 create-nat-gateway --subnet-id subnet-1a2bc34d --allocation-id eipalloc-d1e648b5 --region us-west-2 --profile myprofile
  • 11. Creating the NAT Gateway. The create-nat-gateway call returns the new gateway, initially in the "pending" state:
     $ aws ec2 create-nat-gateway --subnet-id subnet-1a2bc34d --allocation-id eipalloc-d1e648b5 --region us-west-2 --profile myprofile
     {
         "NatGateway": {
             "NatGatewayAddresses": [ { "AllocationId": "eipalloc-37fc1a52" } ],
             "VpcId": "vpc-1122aabb",
             "State": "pending",
             "NatGatewayId": "nat-08d48af2a8e83edfd",
             "SubnetId": "subnet-1a2b3c4d",
             "CreateTime": "2015-12-17T12:45:26.732Z"
         }
     }
  • 12. Creating with CloudFormation. Below is an example of how to create a NAT Gateway with an EIP (Elastic IP) and a default route through it:
     "NAT" : {
         "DependsOn" : "VPCGatewayAttach",
         "Type" : "AWS::EC2::NatGateway",
         "Properties" : {
             "AllocationId" : { "Fn::GetAtt" : ["EIP", "AllocationId"] },
             "SubnetId" : { "Ref" : "Subnet" }
         }
     },
     "EIP" : {
         "Type" : "AWS::EC2::EIP",
         "Properties" : { "Domain" : "vpc" }
     },
     "Route" : {
         "Type" : "AWS::EC2::Route",
         "Properties" : {
             "RouteTableId" : { "Ref" : "RouteTable" },
             "DestinationCidrBlock" : "0.0.0.0/0",
             "NatGatewayId" : { "Ref" : "NAT" }
         }
     }
  • 13. Migrating to a NAT Gateway: Demo Time. Photo courtesy of Stephen Radford via http://snap.io
  • 14. Have you ever dealt with "My private instance can't reach the internet"? Image by http://www.gratisography.com/
  • 15. First Steps: check to make sure your routing tables are intact for your private routes.
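As an added example (not from the slides), the "are my private routes intact" check from this slide, run over JSON shaped like the output of aws ec2 describe-route-tables and aws ec2 describe-nat-gateways; the route table, subnet and NAT gateway IDs and both documents are constructed placeholders, and the check also covers the gateway still being "pending" (as in the create-nat-gateway output above) and the route being blackholed.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output; the
# IDs are placeholders. rtb-a is healthy, rtb-b points at a gateway that is
# still pending, rtb-c has no default route, rtb-d's route is blackholed.
ROUTE_TABLES_JSON = """{"RouteTables": [
 {"RouteTableId": "rtb-a", "Associations": [{"SubnetId": "subnet-priv-a"}], "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa", "State": "active"}]},
 {"RouteTableId": "rtb-b", "Associations": [{"SubnetId": "subnet-priv-b"}], "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb", "State": "active"}]},
 {"RouteTableId": "rtb-c", "Associations": [{"SubnetId": "subnet-priv-c"}], "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
 {"RouteTableId": "rtb-d", "Associations": [{"SubnetId": "subnet-priv-d"}], "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0ddd", "State": "blackhole"}]}
]}"""

# Constructed sample shaped like `aws ec2 describe-nat-gateways` output. A
# just-created gateway reports "pending" (as in the create-nat-gateway output
# on the slides) and does not forward traffic until it is "available".
NAT_GATEWAYS_JSON = """{"NatGateways": [
 {"NatGatewayId": "nat-0aaa", "State": "available", "SubnetId": "subnet-pub-a"},
 {"NatGatewayId": "nat-0bbb", "State": "pending", "SubnetId": "subnet-pub-b"}
]}"""


def check_private_route_tables(route_tables, nat_gateways):
    """Return {route_table_id: finding}; an empty finding means the table is fine."""
    nat_state = {g["NatGatewayId"]: g["State"] for g in nat_gateways["NatGateways"]}
    findings = {}
    for rtb in route_tables["RouteTables"]:
        rtb_id = rtb["RouteTableId"]
        default = [r for r in rtb["Routes"] if r.get("DestinationCidrBlock") == "0.0.0.0/0"]
        if not default:
            findings[rtb_id] = "no 0.0.0.0/0 route, instances cannot reach the internet"
            continue
        route, nat_id = default[0], default[0].get("NatGatewayId")
        if nat_id is None:
            # A "private" table whose default route is an internet gateway is not private.
            findings[rtb_id] = f"default route targets {route.get('GatewayId')}, not a NAT gateway"
        elif route.get("State") == "blackhole":
            # AWS marks a route blackhole when its target (here the NAT gateway) is gone.
            findings[rtb_id] = f"default route to {nat_id} is blackholed"
        elif nat_state.get(nat_id) != "available":
            findings[rtb_id] = f"{nat_id} is {nat_state.get(nat_id, 'unknown')}, not available"
        else:
            findings[rtb_id] = ""
    return findings


def check_sample():
    """Run the check over the constructed documents above."""
    return check_private_route_tables(json.loads(ROUTE_TABLES_JSON),
                                      json.loads(NAT_GATEWAYS_JSON))


if __name__ == "__main__":
    for rtb_id, finding in check_sample().items():
        print(rtb_id, finding or "OK")
```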
  • 16. Tips if you are using a NAT Instance. By default the Amazon Linux instance does not have telnet installed. It does however have NetCat, which provides instant troubleshooting abilities:
     nc -z 10.0.0.22 22 &> /dev/null; echo $?
     This outputs 0 if port 22 is open and 1 if it is closed.
  • 17. Tips if you are using a NAT Instance. Other ways of using NetCat: use netcat to open a connection and listen on a port, then connect from your other instance using telnet:
     nc -l 80
  • 18. Tips if you are using a NAT Instance. See if you can reach the outside world: use nslookup to check that you can get out and get a response for a known DNS name:
     nslookup google.com
     Server:     10.0.0.2
     Address:    10.0.0.2#53
     Non-authoritative answer:
     Name:    google.com
     Address: 216.58.193.78
  • 19. Tips if you are using a NAT Instance. Make sure that the source/destination check is set to FALSE on the NAT instance.
  • 20. VPC Flow Logs include: 1) information about allowed and denied traffic (based on security group and ACL rules); 2) source and destination addresses; 3) ports and protocol number; 4) packet and byte counts.
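As an added example (not from the slides), a parser for the fields listed on this slide in the default flow log record format, with a summary of rejected traffic per source address, which is the view a defender wants from these logs; the account ID, ENI ID, addresses and all log lines are constructed placeholders.

```python
from collections import defaultdict

# Field order of the default (version 2) flow log record; each record is one
# space-separated line when delivered to CloudWatch Logs.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records; account, ENI and addresses are placeholders.
# 198.51.100.7 is rejected on three different ports; the last line is a
# NODATA record (no traffic in the window) and carries no addresses.
SAMPLE_LOG = """\
2 123456789012 eni-0example1 10.0.1.10 216.58.193.78 43210 443 6 12 2345 1458000000 1458000060 ACCEPT OK
2 123456789012 eni-0example1 10.0.1.10 93.184.216.34 43211 80 6 8 1000 1458000000 1458000060 ACCEPT OK
2 123456789012 eni-0example1 198.51.100.7 10.0.1.10 51234 22 6 1 60 1458000000 1458000060 REJECT OK
2 123456789012 eni-0example1 198.51.100.7 10.0.1.10 51235 23 6 1 60 1458000000 1458000060 REJECT OK
2 123456789012 eni-0example1 198.51.100.7 10.0.1.10 51236 3389 6 1 60 1458000000 1458000060 REJECT OK
2 123456789012 eni-0example1 - - - - - - - 1458000000 1458000060 - NODATA
"""


def parse_record(line):
    """Return one record as a dict, or None for NODATA/SKIPDATA records."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
        rec[key] = int(rec[key])
    return rec


def summarise_rejects(text):
    """Map each source address to the sorted list of destination ports on which
    a security group or network ACL rejected its traffic."""
    rejected = defaultdict(set)
    for line in text.splitlines():
        rec = parse_record(line)
        if rec and rec["action"] == "REJECT":
            rejected[rec["srcaddr"]].add(rec["dstport"])
    return {src: sorted(ports) for src, ports in rejected.items()}


def accepted_bytes(text):
    """Total bytes of ACCEPTed traffic (the byte counts the slide mentions)."""
    return sum(rec["bytes"] for rec in map(parse_record, text.splitlines())
               if rec and rec["action"] == "ACCEPT")


if __name__ == "__main__":
    print(summarise_rejects(SAMPLE_LOG))   # {'198.51.100.7': [22, 23, 3389]}
    print(accepted_bytes(SAMPLE_LOG))      # 3345
```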
  • 21. VPC Flow Logs don't include: 1) traffic to Amazon DNS servers; 2) Windows license activation traffic for licenses provided by Amazon; 3) requests for instance metadata; 4) DHCP requests or responses. For more info: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html
  • 22. Turning on VPC Flow Logs. For more info: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html. First step: create a Role that can publish to CloudWatch Logs:
     {
         "Version": "2012-10-17",
         "Statement": [
             {
                 "Action": [
                     "logs:CreateLogGroup",
                     "logs:CreateLogStream",
                     "logs:PutLogEvents",
                     "logs:DescribeLogGroups",
                     "logs:DescribeLogStreams"
                 ],
                 "Effect": "Allow",
                 "Resource": "*"
             }
         ]
     }
  • 23. Turning on VPC Flow Logs. From the AWS Console: go to CloudWatch -> choose Logs -> go to Actions -> Create Log Group.
  • 24. Turning on VPC Flow Logs. From the AWS Console: go to VPC -> choose your VPC -> go to Actions -> Create Flow Log. For more info: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html
  • 25. Turning on VPC Flow Logs
  • 26. VPC Flow Log Limitations
     • You cannot enable flow logs for network interfaces that are in the EC2-Classic platform.
     • You cannot enable flow logs for VPCs that are peered with your VPC unless the peer VPC is in your account.
     • You cannot tag a flow log.
     • After you've created a flow log, you cannot change its configuration; for example, you can't associate a different IAM role with the flow log.
     • If your network interface has multiple IP addresses and traffic is sent to a secondary private IP address, the flow log displays the primary IP address in the destination IP address field.

Editor's Notes

  1. AWS already has managed policies for SSM to attach either to your users or Roles. These can be easily found by going to the policy section of IAM and then searching for SSM
  2. We need to allocate an EIP first and then use that allocation ID when requesting our NAT Gateway
  3. Finally on Feb 26th AWS announced support for the NAT Gateway in CloudFormation Official CF documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-natgateway.html
  4. Let’s take a look at some of the commands that we can perform
  5. When creating an Image from a pre-existing image to join a domain, an important step is to shut down the system with Sysprep. This can be done either graphically from the EC2config screen or by using the CLI
  8. We are going to need a Log Group in our next steps to push our Logs to later
  10. When setting up the VPC flow logs you will have to choose a few things including the Destination Log Group: The name of the CloudWatch Logs log group to which the flow log will be published. A log stream will be created in this log group for each network interface being monitored. We could also filter on one of three items: All, Accept, and Reject