{"id":2451,"date":"2025-02-05T16:56:58","date_gmt":"2025-02-05T08:56:58","guid":{"rendered":"https:\/\/aws-oncloudai.com\/?p=2451"},"modified":"2025-02-05T17:13:58","modified_gmt":"2025-02-05T09:13:58","slug":"rhsyacjglwl","status":"publish","type":"post","link":"https:\/\/aws-oncloudai.com\/zh_hk\/rhsyacjglwl\/","title":{"rendered":"\u5982\u4f55\u4f7f\u7528AWS VPC \u5efa\u7acb\u9694\u96e2\u7db2\u8def\uff1f"},"content":{"rendered":"<p><strong>Amazon Web Services (AWS) \u63d0\u4f9b\u4e86\u4e00\u9805\u540d\u70baVPC\uff08\u865b\u64ec\u79c1\u6709\u96f2\uff09<\/strong>\u7684\u7db2\u8def\u670d\u52d9\uff0c\u5b83\u5141\u8a31\u60a8\u5275\u5efa\u4e00\u500b\u79c1\u6709\u3001\u5b89\u5168\u4e14\u53ef\u64f4\u5c55\u7684\u96f2\u7aef\u7db2\u8def\u3002\u5728\u672c\u6587\u4e2d\uff0c\u6211\u5011\u5c07\u8a0e\u8ad6\u5982\u4f55\u4f7f\u7528VPC \u5728AWS \u4e2d\u5efa\u7acb<strong>\u9694\u96e2\u7db2\u8def<\/strong>\u3002<\/p>\n<h3 id=\"heading-what-is-aws-vpc\" class=\"permalink-heading\"><strong>\u4ec0\u9ebc\u662fAWS VPC\uff1f<\/strong><\/h3>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"wp-image-2453 aligncenter\" src=\"http:\/\/aws-oncloudai.com\/wp-content\/uploads\/2025\/02\/xz.jpeg\" alt=\"\" width=\"634\" height=\"389\" srcset=\"https:\/\/aws-oncloudai.com\/wp-content\/uploads\/2025\/02\/xz.jpeg 287w, https:\/\/aws-oncloudai.com\/wp-content\/uploads\/2025\/02\/xz-18x12.jpeg 18w\" sizes=\"(max-width: 634px) 100vw, 634px\" \/><\/p>\n<p>\u865b\u64ec\u79c1\u6709\u96f2<strong>(VPC)<\/strong>\u662fAWS \u96f2\u7aef\u4e2d\u908f\u8f2f\u4e0a\u7368\u7acb\u7684\u90e8\u5206\uff0c\u60a8\u53ef\u4ee5\u5728\u5176\u4e2d\u5b9a\u7fa9\u81ea\u5df1\u7684\u7db2\u8def\u74b0\u5883\u3002\u53ef\u4ee5\u5c07\u5176\u8996\u70ba\u96f2\u7aef\u4e2d\u7684\u79c1\u4eba\u8cc7\u6599\u4e2d\u5fc3\u3002<\/p>\n<p>\u4f7f\u7528VPC\uff0c\u60a8\u53ef\u4ee5\uff1a<\/p>\n<ul>\n<li>\u63a7\u5236\u60a8\u7684\u7db2\u8def\u8a2d\u5b9a\uff08IP \u4f4d\u5740\u3001\u8def\u7531\u7b49\uff09\u3002<\/li>\n<li>\u5275\u5efa<strong>\u516c\u6709\u5b50\u7db2\u8def\u548c\u79c1\u4eba\u5b50\u7db2<\/strong>\u3002<\/li>\n<li>\u9023\u63a5\u5230\u7db2\u8def\u6216\u4fdd\u6301\u60a8\u7684\u8cc7\u6e90\u79c1\u5bc6\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-key-features-of-aws-vpc\" class=\"permalink-heading\"><strong>AWS VPC \u7684\u4e3b\u8981\u7279\u9ede<\/strong>\uff1a<\/h4>\n<ol>\n<li><strong>\u5b50\u7db2<\/strong>\u2013 \u5c07\u60a8\u7684VPC \u5283\u5206\u70ba\u516c\u6709\u5b50\u7db2\u8def\u548c\u79c1\u6709\u5b50\u7db2\u8def\u3002<\/li>\n<li><strong>\u7db2\u969b\u7db2\u8def\u9598\u9053(IGW)<\/strong>\u00a0\u2013 \u5141\u8a31\u9762\u5411\u516c\u773e\u7684\u8cc7\u6e90\u9023\u63a5\u5230\u7db2\u8def\u3002<\/li>\n<li><strong>NAT \u9598\u9053\/NAT \u5be6\u4f8b<\/strong>\u2013 \u4f7f\u79c1\u6709\u57f7\u884c\u500b\u9ad4\u80fd\u5920\u5b89\u5168\u5730\u5b58\u53d6\u7db2\u969b\u7db2\u8def\u3002<\/li>\n<li><strong>\u8def\u7531\u8868<\/strong>\u2013 \u63a7\u88fd\u7db2\u8def\u6d41\u91cf\u5728VPC \u5167\u7684\u6d41\u52d5\u65b9\u5f0f\u3002<\/li>\n<li><strong>\u5b89\u5168\u7fa4\u7d44\u548cNACL<\/strong>\u00a0\u2013 \u63a7\u5236\u5be6\u4f8b\u548c\u5b50\u7db2\u8def\u5c64\u7d1a\u7684\u5165\u7ad9\/\u51fa\u7ad9\u6d41\u91cf\u3002<\/li>\n<li><strong>VPC \u5c0d\u7b49\u9023\u63a5<\/strong>\u2013 \u9023\u63a5\u591a\u500bVPC \u4ee5\u5be6\u73fe\u76f8\u4e92\u901a\u8a0a\u3002<\/li>\n<li><strong>AWS PrivateLink<\/strong>\u00a0\u2013 \u63d0\u4f9b\u5c0dAWS \u670d\u52d9\u7684\u79c1\u4eba\u8a2a\u554f\uff0c\u800c\u7121\u9700\u5c07\u5176\u66b4\u9732\u5230\u4e92\u806f\u7db2\u4e0a\u3002<\/li>\n<li><strong>VPC \u7aef\u9ede<\/strong>\u2013 \u7121\u9700\u4f7f\u7528IGW \u6216NAT \u5728VPC \u5167\u79c1\u4e0b\u9023\u63a5AWS \u670d\u52d9\u3002<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h3 id=\"heading-what-is-an-isolated-network\" class=\"permalink-heading\"><strong>\u4ec0\u9ebc\u662f\u9694\u96e2\u7db2\u8def\uff1f<\/strong><\/h3>\n<p><strong>\u9694\u96e2\u7db2\u8def<\/strong>\u662f\u4e00\u7a2eVPC \u8a2d\u7f6e\uff0c\u5176\u4e2d\u5be6\u4f8b\u7121\u6cd5\u76f4\u63a5\u5b58\u53d6\u4e92\u806f\u7db2\u3002\u9019\u5c0d\u65bc\u4e0d\u61c9\u66b4\u9732\u5728\u4e92\u806f\u7db2\u4e0a\u7684<strong>\u5b89\u5168\u5de5\u4f5c\u8ca0\u8f09\uff08\u5982\u8cc7\u6599\u5eab\u6216\u5f8c\u7aef\u61c9\u7528\u7a0b\u5f0f\uff09\u975e\u5e38\u6709\u7528\u3002<\/strong><\/p>\n<h3 id=\"heading-step-by-step-guide-to-creating-an-isolated-network-in-aws\" class=\"permalink-heading\"><strong>\u5728AWS \u4e2d\u5efa\u7acb\u9694\u96e2\u7db2\u8def\u7684\u5206\u6b65\u6307\u5357<\/strong><\/h3>\n<p>\u6211\u5011\u5c07\u9075\u5faa\u4ee5\u4e0b\u6b65\u9a5f\uff1a<\/p>\n<ol>\n<li><strong>\u5275\u5efaVPC<\/strong><\/li>\n<li><strong>\u5efa\u7acb\u79c1\u6709\u5b50\u7db2\u8def<\/strong><\/li>\n<li><strong>\u4fee\u6539\u8def\u7531\u8868\u4ee5\u963b\u6b62Internet \u8a2a\u554f<\/strong><\/li>\n<li><strong>\u5728\u79c1\u4eba\u5b50\u7db2\u8def\u4e2d\u555f\u52d5EC2 \u5be6\u4f8b<\/strong><\/li>\n<li><strong>\uff08\u53ef\u9078\uff09\u4f7f\u7528\u5821\u58d8\u4e3b\u6a5f\u5b58\u53d6\u79c1\u6709\u5be6\u4f8b<\/strong><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-step-1-create-a-vpc\" class=\"permalink-heading\"><strong>\u6b65\u9a5f1\uff1a\u5efa\u7acbVPC<\/strong><\/h4>\n<ol>\n<li>\u6253\u958b<strong>AWS \u4e3b\u63a7\u53f0<\/strong>\u2192 \u8f49\u5230<strong>VPC<\/strong>\u3002<\/li>\n<li>\u9ede\u9078<strong>\u201c\u5275\u5efaVPC\u201d<\/strong>\u3002<\/li>\n<li><strong>\u50c5<\/strong>\u9078\u64c7VPC \u3002<\/li>\n<li>\u9032\u5165\uff1a\n<ul>\n<li><strong>\u59d3\u540d<\/strong>\uff1a<code>My-Isolated-VPC<\/code><\/li>\n<li><strong>IPv4 CIDR \u5340\u584a<\/strong>\uff1a<code>10.0.0.0\/16<\/code><\/li>\n<\/ul>\n<\/li>\n<li>\u9ede\u9078<strong>\u201c\u5275\u5efaVPC\u201d<\/strong>\u3002<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-step-2-create-a-private-subnet\" class=\"permalink-heading\"><strong>\u6b65\u9a5f2\uff1a\u5efa\u7acb\u79c1\u6709\u5b50\u7db2<\/strong><\/h4>\n<ol>\n<li>\u8f49\u5230<strong>\u5b50\u7db2<\/strong>\u2192 \u55ae\u64ca<strong>\u201c\u5275\u5efa\u5b50\u7db2\u8def\u201d<\/strong>\u3002<\/li>\n<li>\u9078\u64c7<strong>My-Isolated-VPC<\/strong>\u3002<\/li>\n<li>\u9032\u5165\uff1a\n<ul>\n<li><strong>\u5b50\u7db2\u8def\u540d\u7a31<\/strong>\uff1a<code>Private-Subnet-1<\/code><\/li>\n<li><strong>\u53ef\u7528\u5340\u57df<\/strong>\uff1a\u9078\u64c7\u4efb\u610f\u5340\u57df\uff08\u4f8b\u5982<code>us-east-1a<\/code>\uff09<\/li>\n<li><strong>CIDR \u5340\u584a<\/strong>\uff1a<code>10.0.1.0\/24<\/code><\/li>\n<\/ul>\n<\/li>\n<li>\u9ede\u9078<strong>\u201c\u5275\u5efa\u5b50\u7db2\u8def\u201d<\/strong>\u3002<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-step-3-modify-route-table-to-block-internet-access\" class=\"permalink-heading\"><strong>\u6b65\u9a5f3\uff1a\u4fee\u6539\u8def\u7531\u8868\u4ee5\u963b\u6b62Internet\u8a2a\u554f<\/strong><\/h4>\n<ol>\n<li>\u8f49\u5230<strong>\u8def\u7531\u8868<\/strong>\u2192 \u55ae\u64ca<strong>\u201c\u5efa\u7acb\u8def\u7531\u8868\u201d<\/strong>\u3002<\/li>\n<li>\u8aaa\u51fa\u5b83\u7684\u540d\u5b57<code>Private-Route-Table<\/code>\u3002<\/li>\n<li>\u5c07\u5176\u9644\u52a0\u5230<code>My-Isolated-VPC<\/code>\u3002<\/li>\n<li>\u9ede\u9078<strong>\u201c\u5275\u5efa\u201d<\/strong>\u3002<\/li>\n<li>\u5c07\u8def\u7531\u8868\u8207\u79c1\u6709\u5b50\u7db2\u8def\u95dc\u806f\uff1a\n<ul>\n<li>\u9ede\u9078<code>Private-Route-Table<\/code>\u2192<strong>\u5b50\u7db2\u8def\u95dc\u806f<\/strong>\u3002<\/li>\n<li>\u9ede\u9078<strong>\u7de8\u8f2f\u5b50\u7db2\u8def\u95dc\u806f<\/strong>\u2192\u9078\u64c7<code>Private-Subnet-1<\/code>\u3002<\/li>\n<li>\u9ede\u9078<strong>\u201c\u4fdd\u5b58\u201d<\/strong>\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<blockquote><p>\u26a0<strong>\u91cd\u8981\u63d0\u793a\uff1a<\/strong>\u8acb\u52ff\u9023\u63a5Internet \u9598\u9053(IGW) \u6216NAT \u9598\u9053\u3002\u9019\u6a23\u53ef\u4ee5\u4fdd\u6301\u9694\u96e2\u3002<\/p>\n<p>&nbsp;<\/p><\/blockquote>\n<h4 id=\"heading-step-4-launch-an-ec2-instance-in-the-private-subnet\" class=\"permalink-heading\"><strong>\u6b65\u9a5f4\uff1a\u5728\u79c1\u6709\u5b50\u7db2\u8def\u4e2d\u555f\u52d5EC2 \u5be6\u4f8b<\/strong><\/h4>\n<ol>\n<li>\u8f49\u5230<strong>EC2<\/strong>\u00a0\u2192 \u55ae\u64ca<strong>\u555f\u52d5\u5be6\u4f8b<\/strong>\u3002<\/li>\n<li>\u9078\u64c7\u4e00\u500bAMI\uff08\u4f8b\u5982\uff0c<strong>Amazon Linux 2<\/strong>\uff09\u3002<\/li>\n<li>\u9078\u64c7<strong>t2.micro<\/strong>\u00a0(\u7b26\u5408\u514d\u8cbb\u5957\u9910\u8cc7\u683c)\u3002<\/li>\n<li><strong>\u7db2\u8def\u90e8\u5206<\/strong>\uff1a\n<ul>\n<li><strong>\u79c1\u6709\u96f2<\/strong>\uff1a<code>My-Isolated-VPC<\/code><\/li>\n<li><strong>\u5b50\u7db2<\/strong>\uff1a<code>Private-Subnet-1<\/code><\/li>\n<li><strong>\u81ea\u52d5\u5206\u914d\u516c\u5171IP<\/strong>\u00a0:<strong>\u505c\u7528<\/strong><\/li>\n<\/ul>\n<\/li>\n<li>\u5efa\u7acb\u6216\u9078\u64c7\u5141\u8a31\u79c1\u4eba\u5b58\u53d6\u7684<strong>\u5b89\u5168\u7fa4\u7d44\u3002<\/strong><\/li>\n<li>\u9ede\u9078<strong>\u555f\u52d5<\/strong>\u3002<\/li>\n<\/ol>\n<blockquote><p>\u60a8\u7684EC2 \u5be6\u4f8b\u73fe\u5728\u5728<strong>\u9694\u96e2\u7db2\u8def<\/strong>\u4e2d\u904b\u884c\uff0c\u9019\u610f\u5473\u8457\u5b83<strong>\u7121\u6cd5\u4e0a\u7db2<\/strong>\uff0c\u4e5f<strong>\u7121\u6cd5\u5f9e\u4e92\u806f\u7db2\u8a2a\u554f<\/strong>\u3002<\/p>\n<p>&nbsp;<\/p><\/blockquote>\n<h4 id=\"heading-step-5-optional-access-private-instance-using-a-bastion-host\" class=\"permalink-heading\"><strong>\u6b65\u9a5f5\uff08\u53ef\u9078\uff09\uff1a\u4f7f\u7528\u5821\u58d8\u4e3b\u6a5f\u5b58\u53d6\u79c1\u6709\u5be6\u4f8b<\/strong><\/h4>\n<p>\u7531\u65bc\u60a8\u7684\u57f7\u884c\u500b\u9ad4\u4f4d\u65bc\u79c1\u6709\u7db2\u8def\u4e2d\uff0c\u56e0\u6b64\u60a8<strong>\u7121\u6cd5\u76f4\u63a5\u4f7f\u7528SSH<\/strong>\u3002\u60a8\u9700\u8981\u4e00\u500b<strong>\u5821\u58d8\u4e3b\u6a5f<\/strong>\uff08\u5145\u7576\u8df3\u8f49\u4f3a\u670d\u5668\u7684\u53ef\u516c\u958b\u5b58\u53d6\u7684\u5be6\u4f8b\uff09\u3002<\/p>\n<h4 id=\"heading-steps-to-set-up-a-bastion-host\" class=\"permalink-heading\"><strong>\u8a2d\u5b9a\u5821\u58d8\u4e3b\u6a5f\u7684\u6b65\u9a5f\uff1a<\/strong><\/h4>\n<ol>\n<li>\u5728\u540c\u4e00\u500bVPC \u4e2d\u5efa\u7acb\u53e6\u4e00\u500b<strong>\u516c\u5171\u5b50\u7db2\u8def\u3002<\/strong><\/li>\n<li><strong>\u5728\u516c\u5171\u5b50\u7db2<\/strong>\u4e2d\u555f\u52d5\u4e00\u500b\u65b0\u7684EC2 \u5be6\u4f8b\u3002<\/li>\n<li>\u5c07<strong>\u5f48\u6027IP<\/strong>\u9644\u52a0\u5230\u5821\u58d8\u4e3b\u6a5f\u3002<\/li>\n<li>\u4f7f\u7528<strong>SSH \u4ee3\u7406\u8f49\u767c<\/strong>\u6216<strong>AWS Systems Manager (SSM)<\/strong>\u5b89\u5168\u5730\u9023\u7dda\u5230\u79c1\u6709\u5be6\u4f8b\u3002<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h3>\u5e38\u898b\u554f\u984c\uff1a<\/h3>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-1-what-happens-if-i-delete-my-default-vpc\" class=\"permalink-heading\"><strong>\u5982\u679c\u522a\u9664\u9810\u8a2dVPC \u6703\u767c\u751f\u4ec0\u9ebc\uff1f<\/strong><\/h4>\n<p class=\"permalink-heading\">AWS \u5141\u8a31\u60a8\u522a\u9664\u9810\u8a2dVPC\uff0c\u4f46\u60a8<strong>\u7121\u6cd5\u81ea\u52d5\u91cd\u65b0\u5efa\u7acb\u5b83<\/strong>\u3002\u4e0d\u904e\uff0c\u60a8\u53ef\u4ee5\u624b\u52d5\u5efa\u7acb\u4e00\u500b<strong>\u65b0\u7684VPC<\/strong>\u4e26\u5c07\u5176\u914d\u7f6e\u70ba\u9810\u8a2dVPC\u3002<\/p>\n<h4 id=\"heading-2-what-is-the-difference-between-a-public-and-a-private-subnet\" class=\"permalink-heading\"><strong>\u516c\u5171\u5b50\u7db2\u8def\u548c\u79c1\u6709\u5b50\u7db2\u8def\u6709\u4ec0\u9ebc\u4e0d\u540c\uff1f<\/strong><\/h4>\n<ul>\n<li><strong>\u516c\u5171\u5b50\u7db2\u8def\uff1a\u900f\u904e<\/strong><strong>\u7db2\u969b\u7db2\u8def\u9598\u9053\uff08IGW\uff09<\/strong>\u76f4\u63a5\u5b58\u53d6\u4e92\u806f\u7db2\u3002<\/li>\n<li><strong>\u79c1\u6709\u5b50\u7db2\u8def\uff1a<\/strong>\u6c92\u6709<strong>\u76f4\u63a5\u7684\u4e92\u806f\u7db2\u8a2a\u554f<\/strong>\uff1b\u7528\u65bc\u5167\u90e8\u61c9\u7528\u7a0b\u5f0f\u3001\u8cc7\u6599\u5eab\u7b49\u3002\u5b83\u53ef\u4ee5\u4f7f\u7528<strong>NAT \u9598\u9053<\/strong>\u8a2a\u554f\u4e92\u806f\u7db2\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-3-how-do-you-make-an-aws-vpc-fully-isolated\" class=\"permalink-heading\"><strong>\u5982\u4f55\u4f7fAWS VPC \u5b8c\u5168\u9694\u96e2\uff1f<\/strong><\/h4>\n<p class=\"permalink-heading\">\u8981\u5275\u5efa<strong>\u9694\u96e2\u7684VPC<\/strong>\uff1a<\/p>\n<ol>\n<li>\u4e0d\u8981\u9023\u63a5\u7db2\u8def\u7db2\u95dc<strong>(\u00a0<\/strong><strong>IGW)<\/strong>\u3002<\/li>\n<li>\u4e0d\u8981<strong>\u4f7f\u7528<\/strong><strong>NAT<\/strong>\u7db2\u95dc\u3002<\/li>\n<li>\u50c5\u4f7f\u7528<strong>\u79c1\u6709\u5b50\u7db2\u8def<\/strong>\u3002<\/li>\n<li><strong>\u4f7f\u7528\u5b89\u5168\u7fa4\u7d44<\/strong>\u548c<strong>NACL<\/strong>\u63a7\u5236\u5165\u7ad9\/\u51fa\u7ad9\u6d41\u91cf\u3002<\/li>\n<li>\u5982\u679c\u9700\u8981\uff0c\u8acb\u4f7f\u7528<strong>AWS Direct Connect<\/strong>\u6216<strong>VPN<\/strong>\u9032\u884c\u79c1\u4eba\u9023\u63a5\u3002<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-4-what-is-the-difference-between-a-security-group-and-a-nacl\" class=\"permalink-heading\"><strong>\u5b89\u5168\u7fa4\u7d44\u548cNACL \u6709\u4ec0\u9ebc\u5340\u5225\uff1f<\/strong><\/h4>\n<table style=\"border-collapse: collapse; width: 80.5252%; height: 124px;\" border=\"1\">\n<tbody>\n<tr style=\"height: 24px;\">\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u7279\u5fb5<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u5b89\u5168\u7fa4\u7d44<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u7db2\u8defACL (NACL)<\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\"><strong>\u9069\u7528\u65bc<\/strong><\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">EC2 \u57f7\u884c\u500b\u9ad4<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u5b50\u7db2<\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\"><strong>\u6709\u72c0\u614b\u7684\uff1f<\/strong><\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u662f\uff08\u8ffd\u8e64\u8acb\u6c42-\u56de\u61c9\uff09<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u5426\uff08\u898f\u5247\u55ae\u7368\u9069\u7528\uff09<\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\"><strong>\u9810\u8a2d\u898f\u5247<\/strong><\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u62d2\u7d55\u6240\u6709\u5165\u7ad9\uff0c\u5141\u8a31\u6240\u6709\u51fa\u7ad9<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u5141\u8a31\u6240\u6709\u5165\u7ad9\u548c\u51fa\u7ad9<\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\"><strong>\u898f\u5247\u8a55\u4f30<\/strong><\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u6aa2\u67e5\u6240\u6709\u898f\u5247<\/td>\n<td style=\"width: 33.3333%; height: 24px; text-align: center;\">\u6309\u9806\u5e8f\u8a55\u4f30<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u5b89\u5168\u7fa4\u7d44\u5145\u7576<strong>\u5be6\u4f8b\u7684\u9632\u706b\u7246<\/strong>\uff0c\u800cNACL \u5145\u7576<strong>\u5b50\u7db2\u8def\u7684\u9632\u706b\u7246<\/strong>\u3002<\/p>\n<h4 id=\"heading-5-how-can-instances-in-a-private-subnet-connect-to-the-internet\" class=\"permalink-heading\"><strong>\u79c1\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u5be6\u4f8b\u5982\u4f55\u9023\u63a5\u5230\u7db2\u969b\u7db2\u8def\uff1f<\/strong><\/h4>\n<p class=\"permalink-heading\">\u79c1\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u57f7\u884c\u500b\u9ad4\u7121\u6cd5\u76f4\u63a5\u5b58\u53d6\u7db2\u969b\u7db2\u8def\u3002\u4f46\u662f\uff0c\u5b83\u5011\u53ef\u4ee5\u900f\u904e\u4ee5\u4e0b\u65b9\u5f0f\u9023\u63a5\uff1a<\/p>\n<ul>\n<li><strong>NAT \u9598\u9053\/\u5be6\u4f8b<\/strong>\u2013 \u5141\u8a31\u5916\u90e8\u7db2\u8def\u5b58\u53d6\u3002<\/li>\n<li><strong>VPC \u7aef\u9ede<\/strong>\u2013 \u79c1\u4e0b\u9023\u63a5\u5230AWS \u670d\u52d9\u3002<\/li>\n<li><strong>\u5821\u58d8\u4e3b\u6a5f<\/strong>\u2013 \u516c\u5171\u5b50\u7db2\u8def\u4e2d\u7528\u65bcSSH \u5b58\u53d6\u7684\u8df3\u8f49\u4f3a\u670d\u5668\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-6-what-is-vpc-peering-and-how-does-it-work\" class=\"permalink-heading\"><strong>\u4ec0\u9ebc\u662fVPC Peering\uff0c\u5b83\u5982\u4f55\u904b\u4f5c\uff1f<\/strong><\/h4>\n<p>VPC Peering \u5141\u8a31\u5169\u500bVPC\u4f7f\u7528AWS \u7db2\u8def\u9032\u884c<strong>\u79c1\u5bc6<\/strong><br \/>\n\u901a\u4fe1\u3002\u7576\u60a8\u60f3\u5728<strong>\u4e0d\u4f7f\u7528\u7db2\u8def\u7684<\/strong>\u60c5\u6cc1\u4e0b\u5728VPC \u4e4b\u9593\u5171\u4eab\u8cc7\u6e90\u6642\uff0c\u53ef\u4ee5\u4f7f\u7528\u5b83\u3002 Peering \u9023\u7d50\u662f<strong>\u4e00\u5c0d\u4e00\u7684\uff0c\u5fc5\u9808\u5728<\/strong><strong>\u5169\u500bVPC<\/strong>\u4e2d\u624b\u52d5\u914d\u7f6e\u3002<\/p>\n<h4 id=\"heading-7-what-is-aws-privatelink-how-is-it-different-from-vpc-peering\" class=\"permalink-heading\"><strong>\u4ec0\u9ebc\u662fAWS PrivateLink\uff1f\u5b83\u8207VPC Peering \u6709\u4f55\u4e0d\u540c\uff1f<\/strong><\/h4>\n<p class=\"permalink-heading\">AWS\u00a0<strong>PrivateLink<\/strong>\u652f\u63f4\u5c0dAWS \u670d\u52d9\u7684<strong>\u79c1\u4eba\u8a2a\u554f<\/strong>\uff0c\u800c\u7121\u9700\u5c07\u6d41\u91cf\u66b4\u9732\u7d66\u4e92\u806f\u7db2\u3002\u5b83\u901a\u5e38\u7528\u65bc\u5c07<strong>VPC \u9023\u63a5\u5230S3\u3001DynamoDB \u548c\u81ea\u8a02\u61c9\u7528\u7a0b\u5f0f\u7b49AWS \u670d\u52d9<\/strong>\u3002<\/p>\n<p><strong>\u8207VPC \u5c0d\u7b49\u9023\u63a5\u7684\u5340\u5225\uff1a<\/strong><\/p>\n<ul>\n<li><strong>VPC \u5c0d\u7b49\u9023\u7dda\uff1a\u5be6\u73fe<\/strong><strong>\u5169\u500bVPC \u4e4b\u9593\u7684<\/strong>\u76f4\u63a5\u79c1\u7db2\u901a\u8a0a\u3002<\/li>\n<li><strong>PrivateLink\uff1a\u4f7f\u7528<\/strong><strong>AWS \u7ba1\u7406\u7684\u7d42\u7aef\u7bc0\u9ede<\/strong>\u8de8VPC \u9023\u7dda\u670d\u52d9\u3002<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h4 id=\"heading-8-can-you-connect-multiple-vpcs-together\" class=\"permalink-heading\"><strong>\u53ef\u4ee5\u5c07\u591a\u500bVPC \u9023\u63a5\u5728\u4e00\u8d77\u55ce\uff1f<\/strong><\/h4>\n<p class=\"permalink-heading\">\u662f\u7684\uff0c\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u65b9\u5f0f\u9023\u63a5\u591a\u500bVPC\uff1a<\/p>\n<ol>\n<li><strong>VPC \u5c0d\u7b49\u9023\u63a5<\/strong>\u2013 \u7528\u65bc\u76f4\u63a5\u901a\u8a0a(1:1)\u3002<\/li>\n<li><strong>Transit Gateway<\/strong>\u00a0\u2013 \u4e00\u7a2e\u53ef\u6709\u6548\u9023\u63a5<strong>\u591a\u500bVPC<\/strong>\u7684\u53ef\u64f4\u5c55\u89e3\u6c7a\u65b9\u6848\u3002<\/li>\n<li><strong>PrivateLink<\/strong>\u00a0\u2013 \u5728\u6c92\u6709\u5b8c\u5168\u5c0d\u7b49\u7684\u60c5\u6cc1\u4e0b\u5728VPC \u4e4b\u9593\u516c\u958b\u670d\u52d9\u3002<\/li>\n<\/ol>","protected":false},"excerpt":{"rendered":"<p>Amazon Web Services (AWS) \u63d0\u4f9b\u4e86\u4e00\u9805\u540d\u70baVPC\uff08\u865b\u64ec\u79c1\u6709\u96f2\uff09\u7684\u7db2\u8def\u670d\u52d9\uff0c\u5b83\u5141\u8a31\u60a8\u5efa\u7acb\u4e00\u500b\u79c1\u6709\u3001\u5b89\u5168\u4e14\u53ef\u64f4\u5c55\u7684\u96f2\u7aef\u7db2\u8def\u3002<\/p>","protected":false},"author":1,"featured_media":2457,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[],"class_list":["post-2451","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-sharing"],"_links":{"self":[{"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/posts\/2451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/comments?post=2451"}],"version-history":[{"count":0,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/posts\/2451\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/media\/2457"}],"wp:attachment":[{"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/media?parent=2451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/categories?post=2451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/zh_hk\/wp-json\/wp\/v2\/tags?post=2451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}