What is Network Address Translation? Why is it necessary when connecting to internet?
It is used to translate public IP address to private IP address or vise versa. It allows instance(s) in private subnet to connect to internet or on premises or other VPC.
If 2 instances are launched in private subnets of 2 VPC's, and a peering connection is established between them, is it possible to connect from the instance in one VPC to the instance in other VPC?
Yes, it is a very common and powerful use case for VPC peering to enable communication between resources in private subnets across different VPCs.
Is assigning a public IP to instances in private subnet of any use?
The purpose of launching a private subnet instances is to isolate from internet access. Hence, assigning a public IP to instances in private subnet is not useful.
When using AWS CLI, there is a major security risk that AWS warns about. What is that risk and how to mitigate that risk?
When using AWS CLI, there is a major security risk that AWS warns about. What is that risk and how to mitigate that risk?
Major security risk that AWS warns is the storage of credentials (Access Key ID and Secret Access Key) on local machines and in source code. If the machine is compromised, an attacker gaining access to these credentials can immediately obtain them. By prioritizing temporary credentials and applying the principle of lease privilege, we can mitigate the security risk associated with using the AWS CLI.
If a route in Route Table is no longer available, what does the connection status show?
Blackhole