Turbot subnet types

Subnets are a key building block of the SDOps Networking Security Model. Subnet routing is calculated and continually enforced by Turbot guardrails based on the following core Subnet Types:

  • Public: Public IPs; Inbound access from Internet and no connectivity to private networks; outbound internet through cloud service provider.
  • DMZ: Public & Private IPs; Inbound access from Internet and very limited connectivity to private networks; outbound internet through cloud service provider.
  • Independent: Private IPs; Limited inbound access from specific known IPs and no access to private networks; outbound internet through cloud service provider.
  • Direct: Private IPs; No inbound access from public networks; controlled connectivity to private networks; outbound internet through cloud service provider.
  • Limited: Private IPs; No inbound access from public networks; controlled connectivity to private networks; limited outbound internet is provided by VPC Endpoints to S3 and DynamoDB; all other outbound internet hair-pinned through private networks.
  • Private: Private IPs; No inbound access from public networks; controlled connectivity to private networks; outbound internet hair-pinned through private networks.
  • Restricted: Private IPs; No inbound access from public networks; controlled connectivity to private networks; no outbound internet.
  • Isolated: Private IPs; Limited access from specific known IPs and no access to private networks; no outbound internet.
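
The outbound and private-network rules in the list above can be checked against a subnet's route table. The following is an added example, not Turbot's guardrail code: the route target labels (`igw`, `nat`, `private-gw`, `vpce:<service>`) and the sample table are assumptions. It treats VPC endpoint routes as permitted only for Limited among the private types, and does not judge them for types with outbound through the cloud service provider.

```python
# Added illustration; policy values are transcribed from the subnet-type list.
# Route targets ("igw", "nat", "private-gw", "vpce:<service>") are assumed labels.

# subnet type -> (outbound path, routes to private networks allowed?)
POLICY = {
    "Public":      ("csp", False),
    "DMZ":         ("csp", True),      # "very limited" connectivity
    "Independent": ("csp", False),
    "Direct":      ("csp", True),
    "Limited":     ("hairpin", True),
    "Private":     ("hairpin", True),
    "Restricted":  ("none", True),
    "Isolated":    ("none", False),
}
DEFAULT = "0.0.0.0/0"
CSP_TARGETS = {"igw", "nat"}                      # outbound via the cloud provider
LIMITED_ENDPOINTS = {"vpce:s3", "vpce:dynamodb"}  # the only endpoints the list names


def audit_routes(subnet_type, routes):
    """Return findings for (destination, target) routes that contradict the type."""
    outbound, private_ok = POLICY[subnet_type]
    findings = []
    for dest, target in routes:
        if target == "local":
            continue                              # intra-VPC route, always present
        if target.startswith("vpce:"):
            # Endpoints are described only for Limited; csp types are not judged.
            ok = outbound == "csp" or (
                subnet_type == "Limited" and target in LIMITED_ENDPOINTS)
        elif target in CSP_TARGETS:
            ok = outbound == "csp"
        elif dest == DEFAULT:
            ok = outbound == "hairpin"            # default route via private networks
        else:
            ok = private_ok                       # specific private prefix
        if not ok:
            findings.append(f"{subnet_type}: {dest} -> {target} not permitted")
    return findings


# Constructed sample route table, not taken from any real account.
SAMPLE = [("10.0.0.0/16", "local"), ("0.0.0.0/0", "private-gw"),
          ("10.0.0.0/8", "private-gw"), ("pl-EXAMPLE-s3", "vpce:s3")]

if __name__ == "__main__":
    for subnet_type in ("Limited", "Private", "Restricted", "Isolated"):
        print(subnet_type, audit_routes(subnet_type, SAMPLE) or "compliant")
```

The same table is compliant for Limited but produces findings for Private, Restricted and Isolated, which shows how the types differ only in a few routes.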