AWS Certified Solutions Architect - Professional
  • AWS Certified Solutions Architect - Professional
  • Analytics
    • Amazon Athena
    • AWS Data Exchange
    • Amazon Data Firehose
    • Amazon EMR
    • AWS Glue
    • Amazon Kinesis Data Streams
    • AWS Lake Formation
    • Amazon Managed Service for Apache Flink
    • Amazon Managed Streaming for Apache Kafka (Amazon MSK)
    • Amazon OpenSearch Service
    • Amazon QuickSight
  • Application Integration
    • Amazon AppFlow
  • AWS AppSync
  • Amazon EventBridge
  • Amazon MQ
  • Amazon Simple Notification Service
  • Amazon Simple Queue Service
  • AWS Step Functions
  • Blockchain
    • Amazon Managed Blockchain
  • Business Applications
    • Amazon Simple Email Service
  • Cloud Financial Management
    • AWS Budgets
    • AWS Cost and Usage Report
  • AWS Cost Explorer
  • Savings Plans
  • COMPUTE
    • AWS App Runner
  • AWS Auto Scaling
  • AWS Batch
  • AWS Elastic Beanstalk
  • Amazon Elastic Compute Cloud
  • Amazon EC2 Auto Scaling
  • AWS Fargate
  • AWS Lambda
  • Amazon Lightsail
  • AWS Outposts
  • AWS Wavelength
  • CONTAINERS
    • Amazon Elastic Container Registry
    • Amazon Elastic Container Service
    • Amazon ECS Anywhere
    • Amazon Elastic Kubernetes Service
    • Amazon EKS Anywhere
    • Amazon EKS Distro
  • DATABASES
    • Amazon Aurora
  • Amazon Aurora Serverless
  • Amazon DocumentDB
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon Keyspaces
  • Amazon Neptune
  • Amazon Relational Database Service
  • Amazon Redshift
  • Amazon Timestream
  • Developer Tools
    • AWS CodeArtifact
    • AWS CodeBuild
    • AWS CodeDeploy
    • Amazon CodeGuru
    • AWS CodePipeline
    • AWS X-Ray
  • End User Computing
    • Amazon AppStream 2.0
  • Amazon Workspaces
  • Frontend Web and Mobile
    • AWS Amplify
    • Amazon API Gateway
    • AWS Device Farm
    • Amazon Pinpoint
  • Internet of Things
    • AWS IoT Core
    • AWS IoT Device Defender
    • AWS IoT Device Management
    • AWS IoT Events
    • AWS IoT Greengrass
    • AWS IoT SiteWise
    • AWS IoT Things Graph
  • AWS IoT 1-Click
  • Machine Learning
    • Amazon Comprehend
    • Amazon Fraud Detector
    • Amazon Kendra
    • Amazon Lex
    • Amazon Personalize
    • Amazon Polly
    • Amazon Rekognition
  • Amazon SageMaker AI
  • Amazon Textract
  • Amazon Transcribe
  • Amazon Translate
  • Management and Governance
    • AWS CloudFormation
    • AWS CloudTrail
    • Amazon CloudWatch
    • Amazon CloudWatch Logs
    • AWS Command Line Interface
    • AWS Compute Optimizer
    • AWS Config
    • AWS Control Tower
    • AWS Health Dashboard
    • AWS License Manager
    • Amazon Managed Grafana
    • Amazon Managed Service for Prometheus
    • AWS Management Console
    • AWS Organizations
    • AWS Proton
    • AWS Service Catalog
    • Service Quotas
    • AWS Systems Manager
    • AWS Trusted Advisor
    • AWS Well-Architected Tool
    • SAML2.0 Identity Federation
    • IAM Identity Center
    • Directory Service
  • Service Control Policies
  • Permissions Boundaries
  • Permissions Evaluation
  • Media Services
    • Amazon Elastic Transcoder
    • Amazon Kinesis Video Streams
  • Migration and Transfer
    • AWS Application Discovery Service
    • AWS Application Migration Service
    • AWS Database Migration Service
    • AWS DataSync
    • AWS Migration Hub
    • AWS Schema Conversion Tool
    • AWS Snow Family
    • AWS Transfer Family
  • Networking and Content Delivery
    • Private and Public AWS Services
    • DHCP In a VPC
    • VPC Router
    • Stateful vs Stateless Firewalls
    • Network Access Control Lists
    • Security Groups
    • AWS Local Zones
    • Border Gateway Protocol
    • AWS Global Accelerator
    • IPSec VPN
    • Site2Site VPN
    • Transit Gateway
    • VPC Routing
    • Accelerated Site-to-Site VPN
    • AWS Client VPN
    • AWS Direct Connect (DX)
    • Route53
    • AWS Private Link
    • VPC
    • Amazon CloudFront
    • Elastic Load Balancing
    • AWS PrivateLink
  • Security, Identity, and Compliance
    • AWS Artifact
    • AWS Audit Manager
    • AWS Certificate Manager
    • AWS CloudHSM
    • Amazon Cognito
    • Amazon Detective
    • AWS Directory Service
    • AWS Firewall Manager
    • Amazon GuardDuty
    • AWS IAM Identity Center
    • AWS Identity and Access Management
    • Amazon Inspector
    • AWS Key Management Service
    • Amazon Macie
    • AWS Network Firewall
    • AWS Resource Access Manager
    • AWS Secrets Manager
    • AWS Security Hub
    • Security Token Service
    • AWS Shield
    • AWS WAF
  • Storage
    • AWS Backup
    • Amazon Elastic Block Store
    • AWS Elastic Disaster Recovery
    • Amazon Elastic File System
    • Amazon FSx
    • Amazon Simple Storage Service
    • Amazon S3 Glacier
    • AWS Storage Gateway
Powered by GitBook
On this page
  1. Networking and Content Delivery

VPC Routing

  • Route Tables:

    • Control how network traffic is directed within and outside the VPC.

    • Each subnet must be associated with a route table.

  • Associations:

    • Explicit Association: You manually associate a subnet with a specific route table.

    • Implicit Association: If no manual association, the subnet uses the main route table by default.

  • Route Priority:

    • AWS VPC route tables match the most specific route first (longest prefix match wins).

    • If multiple routes could apply, the more specific one is chosen.

🚀 Advanced Routing Concepts

  • Advanced Problem 1:

    • Overlapping CIDRs can create complexity. You must plan CIDRs carefully to avoid routing conflicts.

  • Advanced Problem 2:

    • Propagation from VPN or Direct Connect: Learned routes are automatically added but need to be managed carefully in complex environments.

🏠 Ingress Routing via Gateway Route Tables

  • Ingress Routing: Directs incoming traffic through specific appliances (like firewalls) before reaching your VPC resources.

  • Achieved using Gateway Route Tables:

    • Applied at VPC attachments (like Transit Gateway).

    • Helps enforce centralized security inspection or traffic filtering.

🧠 Quick Summary

Concept
Description

Route Tables

Direct network traffic inside and outside VPC

Explicit vs Implicit Association

Explicit (manual), Implicit (default main route table)

Route Priority

Most specific route wins (longest prefix match)

Advanced Routing Issues

Overlapping CIDRs, route propagation challenges

Ingress Routing

Use Gateway Route Tables to control incoming traffic flow through appliances

Last updated 7 days ago