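"[New Launch] Automate high availability and enhance security with Regional NAT.pdf" was shared by a member and can be read online. For more related to "[New Launch] Automate high availability and enhance security with Regional NAT.pdf" (15 pages, collector's edition), search on 三个皮匠报告.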
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

NET335
Automate high availability and enhance security with Regional NAT

Vinod Kataria, Principal Solution Architect
Bhargav Talluri, Sr. Manager, Product, AWS Networking Services

Agenda
- How is AWS NAT Gateway used today
- AWS Regional NAT Gateway Solution
- Deployment Architectures: Zonal & Regional
- Resources
- Questions

How is AWS NAT Gateway used today
- Separate NAT Gateways for each Availability Zone (AZ) for high availability
- Create one public subnet per AZ in use
- Manual expansion as workloads expand to new AZs
- Configure different route tables with respective zonal NAT Gateways

[Diagram: US-EAST-1 VPC (10.0.0.0/16) spanning AZ-A and AZ-B; Subnet A1 (Public) and Subnet A2 (Private) with 10.0.0.0/24 and 10.0.1.0/24; Subnet B1 (Public) and Subnet B2 (Private) with 10.0.2.0/24 and 10.0.3.0/24; a NAT gateway and a route table per AZ, instances, and an Internet gateway.]

Regional NAT Gateway Solution
- Single NAT Gateway across multiple AZs in a region
- Automatic expansion/contraction into new AZs based on workloads
- Simplified routing with one route for all private subnets across AZs
- More secure, no public subnets required
- Use IPAM policy for predictable IP address allocation

Deployment with NAT Gateway - Zonal
- Each AZ has its own NAT Gateway
- NAT Gateway in public subnet
- Private Subnet Route Table has 0.0.0.0/0 pointing to its zonal NAT GW

[Diagram: US-EAST-1 VPC (10.0.0.0/16) with AZ-A and AZ-B; Subnet A1 (Public), Subnet A2 (Private); 10.0.0.0/24, 10.0.1.0/24; instances, NAT gateway, Internet gateway, Ro…]
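
The zonal slides rely on every private subnet's 0.0.0.0/0 route pointing at the NAT gateway in its own AZ, which is kept correct by hand as workloads expand. The following is an added example, not part of the original deck: a check for that invariant over a constructed inventory, where all IDs, AZ names and field names are assumptions of the example and not an AWS API response shape.

```python
# Constructed sample inventory modelled on the zonal slide (two AZs, one NAT
# gateway each), plus a workload that has expanded into a third AZ.
NAT_GATEWAYS = {"nat-a": "az-a", "nat-b": "az-b"}  # NAT gateway id -> AZ
SUBNETS = [
    {"id": "subnet-a1", "az": "az-a", "public": True, "route_table": "rtb-pub"},
    {"id": "subnet-a2", "az": "az-a", "public": False, "route_table": "rtb-a"},
    # Private subnet in AZ-B left on AZ-A's route table.
    {"id": "subnet-b2", "az": "az-b", "public": False, "route_table": "rtb-a"},
    # New AZ added without the manual NAT gateway and route steps.
    {"id": "subnet-c2", "az": "az-c", "public": False, "route_table": "rtb-c"},
]
ROUTE_TABLES = {  # route table id -> {destination: target}
    "rtb-pub": {"0.0.0.0/0": "igw-1"},
    "rtb-a": {"0.0.0.0/0": "nat-a"},
    "rtb-c": {},
}


def audit_zonal_nat(subnets, route_tables, nat_gateways):
    """Return sorted (subnet_id, finding) pairs for private subnets whose
    default route is missing, bypasses NAT, or uses a NAT gateway in another AZ."""
    findings = []
    for subnet in subnets:
        if subnet["public"]:
            continue  # public subnets route to the Internet gateway by design
        routes = route_tables.get(subnet["route_table"], {})
        target = routes.get("0.0.0.0/0")
        if target is None:
            findings.append((subnet["id"], "no default route"))
        elif target not in nat_gateways:
            findings.append(
                (subnet["id"], f"default route targets {target}, not a NAT gateway"))
        elif nat_gateways[target] != subnet["az"]:
            findings.append(
                (subnet["id"], f"cross-AZ NAT: {target} is in {nat_gateways[target]}"))
    return sorted(findings)


if __name__ == "__main__":
    for subnet_id, finding in audit_zonal_nat(SUBNETS, ROUTE_TABLES, NAT_GATEWAYS):
        print(subnet_id, "-", finding)
```

A cross-AZ finding means the subnet loses egress if the other AZ fails; a private subnet routed straight to an Internet gateway is reported as bypassing NAT.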