Terraform vs CI/CD

- Subnet (sub-network): is a virtual subnet, an important component in VPC. One or more subnets can be created within a VPC and each subnet will be assigned one and only one Availability Zone. Usually, the public subnet will be divided for Internet access services, while the private subnet is for internal parts that do not need Internet access like a database. - Internet Gateway: is an important component that allows Instances to access the Internet. It allows users to connect a subnet to the Internet by providing a Route table to the Internet. With the help of Internet Gateway, an Instance can access the Internet and external resources can also connect to this instance. - Security Group: The security layer for Instance can be considered as a firewall, it is necessary to define rules before traffic enters and exits the Instance. Security Group has inbound rules and outbound rules: Inbound rules allow all outbound traffic to enter the EC2 instance. Outbound rules allow all traffic in the EC2 instance to go out. - Route table: Can be understood as a routing table, including routing rules, simply understood as a table of directions. Each subnet can only be associated with one route table, but a route table can link multiple subnets. - A network access control list (ACL): A security layer for the VPC, acting as a firewall to control the incoming and outgoing traffic of one or more subnets. - NAT gateway: Allows 1 Instance in the private subnet to connect to the Internet or other AWS services, and work in one direction, meaning that from the Internet, this EC2 Instance cannot be connected. - Elastic IP addresses: A public IPv4 address, connectable from the Internet used for: + EC2 instances + AWS elastic network interface (ENI) + Some other services need public IP address