VPC Cheat Sheet

Networking and troubleshooting questions in SOA-C03 usually start with VPC routing, filtering, DNS, or hybrid connectivity.

Traffic Path

  • Route tables decide where subnet traffic goes.
  • Security groups are stateful and attached to network interfaces.
  • NACLs are stateless and apply at subnet boundaries.
  • VPC Flow Logs capture accepted or rejected traffic metadata, not payloads.

Connectivity

  • NAT gateways allow private subnet instances to initiate outbound internet access.
  • Gateway endpoints support S3 and DynamoDB private access from a VPC.
  • Interface endpoints use PrivateLink for private access to many AWS services.
  • Transit Gateway provides hub-and-spoke connectivity across many VPCs and networks.

Exam Cues

  • Need private AWS service access: choose a VPC endpoint.
  • Need centralized many-VPC routing: Transit Gateway.
  • Need to identify rejected traffic: VPC Flow Logs.
  • Need outbound-only internet for private instances: NAT gateway.
