...
draw.io source: dc-arch-2023.customer.v2.drawio
Paths and Traffic Filtering in Version 2 Architecture
Traffic from TGW to EC2 Instance Residing in Subnet Attached to TGW
Resource | Filtering | |
---|---|---|
Source | TGW | — |
↓ | TGW Attachment | — |
↓ | TGW Attachment Elastic Network Interface | — |
↓ | EC2 Instance Security Group | inbound rules of SG |
Destination | EC2 Instance Elastic Network Interface | — |
Traffic from TGW to EC2 Instance NOT Residing in a Subnet Attached to TGW
Resource | Filtering | |
---|---|---|
From | TGW | — |
↓ | TGW Attachment | — |
↓ | TGW Attachment Elastic Network Interface | — |
↓ | NACL of Subnet attached to TGW | outbound rules of NACL |
↓ | Route Table of Subnet attached to TGW | — |
↓ | NACL of Subnet containing EC2 instance | inbound rules of NACL |
↓ | EC2 Instance Security Group | inbound rules of SG |
Destination | EC2 Instance Elastic Network Interface | — |
What Is Changing?
Before the migration is executed, a set of resources in Cornell AWS accounts will be tagged with details about the migration. In addition, a small set of new resources that support the v2 architecture will be created in Cornell AWS accounts. After the migration is complete, a few resources not used in the v1 architecture will be deleted.
...