NACL
Stateless subnet-level access control as a second line of defense.
Prerequisites
Related Articles
AWS IAM Fundamentals: Users, Roles, Policies & Least Privilege
Users vs. roles vs. groups, identity-based vs. resource-based policies, policy evaluation logic, and applying least privilege in practice.
AWSEC2 Instance Types & Purchasing Options
Instance family naming (m6i, c7g, r6g), On-Demand vs. Reserved vs. Spot vs. Savings Plans, and picking the right combination for a real workload.
AWSS3 Storage Classes & Lifecycle Policies
Standard, Intelligent-Tiering, Glacier and Deep Archive compared on cost/retrieval time, plus lifecycle rules that move and expire objects automatically.
AWSRelated Projects
AWS Static Website Hosting
Production-grade static site delivery pipeline using S3 origin storage, CloudFront edge caching, ACM-issued TLS, Route53 DNS, and Cloudflare in front for extra security and performance.
BeginnerAWS Dynamic Website Hosting
Full dynamic web application stack on EC2 with an RDS-backed database, CloudFront + S3 for static assets, ACM TLS, Route53 DNS, and Cloudflare protection in front of the origin.
Intermediate