Beyond basic VPCs, advanced AWS networking covers connecting networks (VPC peering, Transit Gateway, VPN, Direct Connect), private service access (VPC endpoints, PrivateLink), and designing secure, scalable network architectures across VPCs, accounts, and on-premises environments.
Connecting VPCs and networks
VPC PEERING → connect two VPCs privately (1-to-1; non-transitive, so traffic cannot route through a peered VPC to reach a third; gets complex at scale)
TRANSIT GATEWAY → a central hub connecting MANY VPCs (and on-prem) — scalable hub-and-spoke networking (vs a mesh of peerings)
VPN → encrypted connection over the internet between AWS and on-premises
DIRECT CONNECT → a DEDICATED private physical link to AWS (consistent, high bandwidth, low latency — for serious hybrid/on-prem connectivity, bypassing the internet)
