re:Invent: NET206 - Advanced Amazon VPC design and new capabilities

This learning path has been curated to allow you to gain the knowledge and understanding required to get the most from the following re:Invent session, enabling you to understand the insights and discussions during the talk at a greater level, and prepare you to ask some great questions for the speaker(s)! 

NET206: Advanced Amazon VPC design and new capabilities - Amazon VPC gives you complete control over your AWS virtual networking environment. Have you ever wondered how new Amazon VPC features affect the way you design your AWS networking infrastructure or change existing architectures that you use today? This session explores the answers to these questions and more.

As you progress through this learning path you will be introduced to the Amazon Virtual Private Cloud and its core features, in addition to the AWS Transit Gateway.

Once you have completed the suggested pre-session content and attended the re:Invent Breakout Session NET206, continue your learning experience in this learning path by completing a series of hands-on labs, courses, and challenges to reinforce your understanding of the services discussed.

Learning Objectives:

Pre NET206 Session:

• Confidently architect a VPC across multiple availability zones within a Region
• Explain different networking components commonly used within AWS VPCs
• Secure your VPCs, helping you to protect your resources within them
• Assess which method of connectivity to your VPCs would be best in different scenarios
• Learn how to create your own large network topology that uses AWS Transit Gateway to connect multiple VPCs
• Understand when and why it becomes appropriate to transition away from the standard methods of VPC peering when connecting large numbers of networks

Post NET206 Session:

• Learn how to connect VPCs using peering connections
• Understand how to use custom DNS names in your networks using Amazon Route 53 private hosted zones
• Diagnose and debug network issues using VPC flow logs
• Understand public and private subnets (inbound/outbound rules)
• Learn how to use Security groups (inbound/outbound rules for multiple purposes)
• Using Network access control lists (NACLs) for additional security on a private subnet
• How Bastion host can be used for SSH access from the internet to access private instances
• Network Address Translation (NAT) Gateway to provide private instances access to the public internet to perform operating system updates
• How to use Route tables associated with public and private subnets
• Understand where and how AWS uses and implements IPsec, introducing you to the VPC components Virtual Private Gateway, Customer Gateway, and VPN Connection
• Learn how to connect on-premises networks to Amazon VPCs using Internet Protocol Security (IPSec) virtual private network (VPN) tunnels
• Configure internal Border Gateway Protocol (BGP) on on-premises routers
• Configure on-premises routers to connect to Amazon VPCs using BGP
• Understand the differences between static and dynamic routing
• Gain experience with multi-homed instances and understand some reasons for using them
• Understand the VPC Reachability Analyzer, a service that allows you to easily test the connectivity between two points of your architecture
• Learn how to troubleshoot when a destination in your architecture is not reachable

Intended Audience

This learning path is designed for those who are looking to attend the NET206: Advanced Amazon VPC design and new capabilities re:Invent session