Summary
In this chapter, we continued from Chapter 9, Patterns for Operation and Maintenance, and stayed in the realm of the underlying infrastructure: networks. In the OnDemand NAT pattern, we discussed how to effectively turn outside connectivity on and off so that we can prevent unwanted access except when maintenance windows are needed. We then moved to the management network pattern, in which we discussed how to route traffic over the interfaces themselves within a virtual machine so that we can easily distinguish outside traffic from other AWS traffic, or even traffic from an on-premises data center. Next, we covered the functional firewall pattern, in which we showed how we can use the AWS-provided firewall configuration (Security Groups) to group instances by their functional part in a stack. Staying on the firewall topic, we discussed how to group virtual machines, not only by their function in the stack, but also by who the clients are. Finishing up the firewall discussions, we ended...