updating VPC config
13
todo.md
@@ -110,14 +110,8 @@ Enable HTTPS
|
||||
|
||||
Codebuild
|
||||
|
||||
Create the security group for the EC2 instances
|
||||
Add this security group to Outputs
|
||||
Reference it in RDS security group
|
||||
|
||||
Summarise the VPC creation - VPC is created, internet gateway is created (and route table) and is added to the VPC for internet access. Controlling what can and cannot go in/out to the internet is done with security groups.
|
||||
|
||||
Check ssh? - Can ssh if you apply it to the EC2 SG you create.
|
||||
|
||||
Multiple security groups get squashed to determine what is and isn't allowed: <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html>.
|
||||
|
||||
Show how to create private + public subnets as in <https://github.com/awsdocs/elastic-beanstalk-samples/blob/master/cfn-templates/vpc-privatepublic.yaml>. You need a nat gateway to allow private subnets to go out to the internet, but back in. How is this different to using security groups?
|
||||
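Review bot: the NAT gateway sentence in the "Show how to create private + public subnets" item reads "to go out to the internet, but back in", which drops a "not" and inverts the security meaning; it should say the NAT gateway lets private subnets reach the internet but does not allow connections back in. In the same hunk, "get squashed" in the multiple security groups item is vague: per the linked AWS page the rules of all attached groups are aggregated into one set of allow rules, so adding a group can only widen access, and the note should say so. The "Check ssh?" item should also record which source range the SSH rule on the EC2 SG is limited to, since it currently only states that SSH works.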
@@ -127,3 +121,10 @@ If you use private subnets, the nat gateway is not cheap - £30 a month. You don
|
||||
Summarise the flow -> VPC, internet gateway, attachment + route tables, subnets etc. Mention the nat gateway but show how it can be replaced with security groups.
|
||||
|
||||
Merge the CF templates into one, make sure all the importing and other s nippets are documented.
|
||||
|
||||
|
||||
- Sort this page + documentation out
|
||||
- Change ELB to EB
|
||||
- Once documented and happy, create single CF Template
|
||||
- Create single instance deployment + https (document)
|
||||
- Terraform it all up
|
||||
|
||||
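Review bot: "show how it can be replaced with security groups" in the "Summarise the flow" line needs a caveat before it goes into the documentation. A NAT gateway and a security group are not like-for-like: without the NAT gateway, instances need a public subnet and a public IP for outbound access, which leaves the security group as the only inbound control. The write-up item should state that trade-off and which inbound rules stay closed. Separately, "s nippets" in the "Merge the CF templates" line is a typo, and the new "- Change ELB to EB" bullet would be clearer with the names spelled out once.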