TL;DR: Google Cloud Platform VPCs are relatively flat, with controls targeting the instance, whereas Amazon Web Services VPCs are hierarchical, with multiple layers of control at the region, zone, subnet, and instance.

The GCP and AWS solutions illustrated in this article are available for download as Terraform configuration files.

The Example Scenario

To explore the commonalities and differences between the GCP and AWS VPC features, we will walk through each one’s solution to a scenario consisting of three instances:

  • bastion (or jump host): Used for troubleshooting
  • frontend: Serves HTTP to the Internet
  • backend: Serves HTTP to the frontend

We can further describe the scenario using network flows in the following color-coded network diagram:

[Network diagram: color-coded flows between the Internet, bastion, frontend and backend]

Internet to Frontend and Frontend to Internet (red)

Internet to Bastion and Bastion to Internet (blue)

These flows allow clients on the Internet to access the frontend instance (using HTTP) and the bastion instance (using ssh). They also allow these instances to access servers on the Internet, e.g., to perform software updates.

Backend to the Internet (green)

This flow allows the backend instance to access servers on the Internet.

Bastion to Frontend (dark purple)

Bastion to Backend (light purple)

These flows allow the bastion instance to access any instance, including the frontend and backend, using ICMP and ssh.

Frontend to Backend (aqua)

This flow allows the frontend instance to access the backend instance using HTTP.
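As an added example (not the article's downloadable configuration), here is the GCP side of this scenario expressed as tag-targeted firewall rules in Terraform, which is what "controls targeting the instance" looks like in practice. It assumes a VPC resource named google_compute_network.vpc and instances carrying the network tags bastion, frontend and backend; the backend's outbound flow (green) needs no rule because GCP's implied allow-egress rule already permits it.

```hcl
# Assumed (not from the article): a VPC google_compute_network.vpc and
# instances tagged "bastion", "frontend" or "backend". Ingress is the default direction.

# Red: Internet -> frontend on HTTP
resource "google_compute_firewall" "internet_to_frontend_http" {
  name          = "allow-internet-frontend-http"
  network       = google_compute_network.vpc.name
  source_ranges = ["0.0.0.0/0"]
  target_tags   = ["frontend"]
  allow {
    protocol = "tcp"
    ports    = ["80"]
  }
}

# Blue: Internet -> bastion on ssh (scenario allows any source; narrow to operator ranges in practice)
resource "google_compute_firewall" "internet_to_bastion_ssh" {
  name          = "allow-internet-bastion-ssh"
  network       = google_compute_network.vpc.name
  source_ranges = ["0.0.0.0/0"]
  target_tags   = ["bastion"]
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
}

# Purple: bastion -> any instance in the VPC using ICMP and ssh (no target_tags = all instances)
resource "google_compute_firewall" "bastion_to_any_icmp_ssh" {
  name        = "allow-bastion-icmp-ssh"
  network     = google_compute_network.vpc.name
  source_tags = ["bastion"]
  allow {
    protocol = "icmp"
  }
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
}

# Aqua: frontend -> backend on HTTP; nothing else reaches the backend from the Internet
resource "google_compute_firewall" "frontend_to_backend_http" {
  name        = "allow-frontend-backend-http"
  network     = google_compute_network.vpc.name
  source_tags = ["frontend"]
  target_tags = ["backend"]
  allow {
    protocol = "tcp"
    ports    = ["80"]
  }
}
```

Because none of these rules uses source_ranges with the backend as a target, the backend has no Internet-facing ingress at all, which is the property worth checking after apply.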

VPC Networking: GCP v.s. AWS