Network and Configuration Hardening#
- Virtual Private Cloud (VPC)
By running ESS inside a VPC, you can ensure that all communication within the VPC is securely separated from external traffic.
Public subnets are gated by security groups and should only be able to accept traffic on ports 80 and 443.
To allow components in the private subnets to connect outside of the VPC, use a NAT gateway.