VPC
VPC is your own virtual, secured, scalable network in the AWS cloud that contains your AWS resources. Let us look at the VPC security best practices:
Create a custom VPC: It is recommended to create your own VPC and not use the default VPC, as the default VPC is configured to allow unrestricted inbound and outbound traffic.
Monitor VPC activity: Create VPC flow logs to monitor the flow of all IP traffic to and from the network interfaces in your VPC, so that you can identify and restrict any unwanted activity.
Use Network Address Translation (NAT): Keep all resources that do not need to be reachable from the internet in a private subnet. Use a NAT device, such as a NAT instance or a NAT gateway, to allow resources in a private subnet to reach the internet without being reachable from it.
Control access: Use IAM to control access to the VPC and the resources that are part of it. You can create fine-grained access control with IAM for resources in your VPC.
Use NACLs: Configure NACLs to define which traffic is allowed and denied for the subnets in your VPC. Control...
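The "Monitor VPC activity" practice above is only useful if someone actually reads the flow logs. The following is an added example, not part of the original text, showing how a few default-format (version 2) VPC flow log records can be triaged for unwanted activity: rejected flows are counted per source address, and accepted flows to administrative ports from outside the VPC are flagged. The log lines, account id, ENI id, addresses and the VPC CIDR are all constructed placeholders.

```python
# Added example: triage VPC flow log records (default v2 format) for unwanted traffic.
import ipaddress
from collections import Counter

# Field order of the default VPC flow log format (version 2).
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records, in the shape written to CloudWatch Logs or S3.
SAMPLE_LOG = """\
2 111122223333 eni-0abc123def456789a 203.0.113.5 10.0.1.10 51234 22 6 12 1500 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0abc123def456789a 198.51.100.9 10.0.1.10 40000 3389 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-0abc123def456789a 198.51.100.9 10.0.1.10 40001 445 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-0abc123def456789a 10.0.2.20 10.0.1.10 33000 443 6 40 9000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0abc123def456789a - - - - - - - 1700000000 1700000060 - NODATA
"""

VPC_CIDR = "10.0.0.0/16"    # assumed address range of the custom VPC
ADMIN_PORTS = {22, 3389}    # SSH and RDP: accepted flows here from outside the VPC deserve review

def parse_flow_log(text):
    """Yield one dict per record; NODATA/SKIPDATA records carry no addresses and are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue
        rec = dict(zip(FIELDS, parts))
        if rec["log_status"] != "OK":
            continue
        rec["dstport"] = int(rec["dstport"])
        yield rec

def triage(text, vpc_cidr=VPC_CIDR):
    """Return (rejected flows per source IP, accepted admin-port flows from outside the VPC)."""
    net = ipaddress.ip_network(vpc_cidr)
    rejects = Counter()
    external_admin = []
    for rec in parse_flow_log(text):
        src = ipaddress.ip_address(rec["srcaddr"])
        if rec["action"] == "REJECT":
            rejects[rec["srcaddr"]] += 1
        elif rec["dstport"] in ADMIN_PORTS and src not in net:
            external_admin.append((rec["srcaddr"], rec["dstaddr"], rec["dstport"]))
    return rejects, external_admin

if __name__ == "__main__":
    rejects, external_admin = triage(SAMPLE_LOG)
    print("rejected flows by source:", dict(rejects))
    print("accepted admin-port flows from outside the VPC:", external_admin)
```

Rejected flows show what the NACLs and security groups are already stopping; the accepted external flow to port 22 is the kind of finding that should lead to tightening the NACL or security group rule that allowed it.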