- 개요 Interal/External Traffic 분리를 통해 Network 비용 최적화 및 Security 강화 - Load balancer scheme Internet Facing - external with public ip Internal - without public ip - 비고 Internal LB에 route53 Private DNS를 사용하면 직관적이다 - reference https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/how-elastic-load-balancing-works.html https://docs.aws.amazon.com/ko_kr/Route53/latest/DeveloperGuide/hosted-z..

- VPC 규칙 : 프로젝트 별 환경 별 구분 NAME : vpc-- - Subnet 규칙 : public/private, zone 다중화 NAME : vpc---subnet-public- vpc---subnet-private- - NAT Gateway Availability Zone별 1개씩

AWS Region Map (2023.09.06) https://www.awsgeek.com/AWS-Regions/AWS-Regions.jpg

- 개요 AWS를 처음 시작할 때 해야할 것들에 대해 정리 1 - Root 계정 격리 Root 계정 비밀번호를 강화하고 MFA를 설정한 후 격리 - IAM 계정 생성 모든 Admin 작업은 Root가 아닌 IAM 계정을 통해서 진행하며 MFA를 설정한다 - 참고 https://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/introduction.html https://docs.aws.amazon.com/ko_kr/singlesignon/latest/userguide/getting-started.html

- Good for Security (Zero Trust) and save traffic cost Do not use root user for commom case. Use individual IAM user. Use MFA for Every IAM user include root account. Use Role not accesskey. Separate VPC for ENV such as dev, staing, production. Separate private and public subnets on VPC. Use individual routing tables for private and public subnets on VPC. (NAT Gateway, Internet Gateway) Internet..