= AWS/Firewall =
 * AWS provided Firewall 2020 - needs own subnet  [PUBLIC] <--> [FW] <--> [PRIVATE]
   * Why IGW <--> [PUBLIC] <--> [FW]  and not rather IGW <--> [FW] <--> [PUBLIC]
     * Allows for NAT-GW in public, with traffic before nat with real IP's to be inspected and filtered by FW.

 * https://wiki.vigor.nz/AWS

 * https://aws.amazon.com/blogs/security/automatically-updating-aws-waf-rule-in-real-time-using-amazon-eventbridge/


{{{#!html
<b>html baby!</b>
}}}


 * SVG
{{attachment:AWS-SubnetLayout.drawio.svg}}

----
CategorySecurity