
Virtual Private Cloud (VPC)

VPC is a common component that provides network solutions to AWS resources.

A Virtual Private Cloud (VPC) represents a traditional network, but on the cloud.

Public Oath

Fluid Attacks will look for a cloud network architecture that properly balances security, simplicity, and accessibility.

Architecture

  1. The vpc component of common owns the network configuration for AWS.
  2. It is managed as code using Terraform.
  3. There is a single VPC for the entire company called fluid-vpc.
  4. It has subnets for:
  5. All components have subnets in multiple availability zones in order to grant higher redundancy and broader access to spot instances.
  6. It has an Internet Gateway that allows resources in public subnets to reach the Internet.
  7. It has NAT gateways that allow resources in private subnets to reach the Internet.
  8. It uses Flow Logs to send network logs to CloudWatch.
  9. The observes subnets use VPC endpoints for privately connecting to Kinesis and Glue.
  10. There is a security group called CloudFlare, which allows incoming traffic from the CloudFlare IP addresses.
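
A check a reviewer could run against a security group like the one in item 10, as an added example that is not Fluid Attacks' own code: it flags any ingress CIDR that is not fully contained in the CDN allowlist, including supernets that only partly overlap it. The allowlist and rules below are constructed placeholders (documentation ranges), not CloudFlare's published ranges or the fluid-vpc configuration; the rule shape follows EC2 `IpPermissions` entries.

```python
import ipaddress

# Constructed placeholder allowlist (documentation ranges), standing in
# for the CDN's published IPv4/IPv6 ranges.
CDN_RANGES = ["198.51.100.0/24", "203.0.113.0/24", "2001:db8:100::/40"]

# Constructed ingress rules in the shape of EC2 IpPermissions entries.
SAMPLE_RULES = [
    {"FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "198.51.100.0/25"}, {"CidrIp": "203.0.113.0/24"}],
     "Ipv6Ranges": [{"CidrIpv6": "2001:db8:100::/48"}]},
    {"FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "198.51.0.0/16"}], "Ipv6Ranges": []},
]


def rule_cidrs(rule):
    """Yield every IPv4 and IPv6 CIDR string in one ingress rule."""
    for entry in rule.get("IpRanges", []):
        yield entry["CidrIp"]
    for entry in rule.get("Ipv6Ranges", []):
        yield entry["CidrIpv6"]


def is_allowed(cidr, allowlist):
    """True only if cidr lies entirely inside one allowlisted network."""
    net = ipaddress.ip_network(cidr, strict=False)
    # Version check first: subnet_of() raises TypeError on mixed versions.
    return any(
        net.version == allowed.version and net.subnet_of(allowed)
        for allowed in allowlist
    )


def audit_ingress(rules, cdn_ranges):
    """Return (from_port, to_port, cidr) for every CIDR outside the allowlist."""
    allowlist = [ipaddress.ip_network(r) for r in cdn_ranges]
    findings = []
    for rule in rules:
        for cidr in rule_cidrs(rule):
            if not is_allowed(cidr, allowlist):
                findings.append((rule.get("FromPort"), rule.get("ToPort"), cidr))
    return findings


if __name__ == "__main__":
    for from_port, to_port, cidr in audit_ingress(SAMPLE_RULES, CDN_RANGES):
        print(f"ingress {from_port}-{to_port} open to non-CDN range {cidr}")
```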

Contributing

Please read the contributing page first.