VPC subnets
In this section, we will look at how to organize our VPC subnets following the principle of least privilege. We should expose our resources (EC2, ELB, and RDS) and grant access to them in as few circumstances as possible, in order to limit the attack surface and the risk of data leaks.
In each AWS region, a default VPC has already been created. If you want to know all of the details, I would recommend that you read the Default VPC and Default Subnets documentation at https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html. In short, however, any resource you place there is potentially reachable from the public internet if the security group you configure allows it.
Routing and subnet types
The official documentation at https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenarios.html describes four scenarios for your VPC configuration, and it is worth reading through them. It is important to understand that access...
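Whether a subnet is public or private is decided by its route table rather than by its name, which is why a default VPC exposes everything placed in it. The following Python script is an added example, not code from the book: it classifies each subnet by the route table that applies to it, using constructed data in the shape that boto3's describe_subnets and describe_route_tables return, so it runs offline; the subnet, VPC and gateway IDs are made up.

```python
# Classify VPC subnets as public or private from route-table data (no AWS call).
# A subnet is public when the route table governing it (an explicit association,
# otherwise the VPC's main table) has a default route whose target is an IGW.

def _applicable_table(subnet_id, vpc_id, route_tables):
    """Return the route table governing subnet_id: explicit association, else main."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def _has_igw_default_route(route_table):
    """True if any 0.0.0.0/0 or ::/0 route points at an internet gateway."""
    for route in route_table.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in ("0.0.0.0/0", "::/0") and route.get("GatewayId", "").startswith("igw-"):
            return True
    return False

def classify_subnets(subnets, route_tables):
    """Map each subnet id to 'public' or 'private'."""
    result = {}
    for sn in subnets:
        rt = _applicable_table(sn["SubnetId"], sn["VpcId"], route_tables)
        result[sn["SubnetId"]] = "public" if rt and _has_igw_default_route(rt) else "private"
    return result

# Constructed sample (shape of boto3 describe_subnets / describe_route_tables):
# the main table carries an IGW default route, as in a default VPC, so any
# subnet without its own table is public; subnet-bbb routes out via NAT only.
SAMPLE_SUBNETS = [{"SubnetId": "subnet-aaa", "VpcId": "vpc-1"},
                  {"SubnetId": "subnet-bbb", "VpcId": "vpc-1"}]
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-123"}]},
    {"RouteTableId": "rtb-priv", "VpcId": "vpc-1", "Associations": [{"SubnetId": "subnet-bbb"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-456"}]},
]

if __name__ == "__main__":
    print(classify_subnets(SAMPLE_SUBNETS, SAMPLE_ROUTE_TABLES))
```

In a real account, feed the script the `Subnets` and `RouteTables` lists from boto3 and treat every subnet reported as public that hosts an RDS instance or an internal EC2 host as a finding to fix.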