The cloud is inherently distributed. Applications and workloads are deployed across multiple VPCs and VNets, and CSP services are likewise available in a distributed manner to support those application deployment patterns.
Here is an example of an AWS VPC. Notice that it has its own route tables, internet gateway, carrier gateways, endpoints, NAT gateway, and so on. If you create another AWS VPC, you will see all of those services available to the new VPC as well.
Following the cloud implementation model, security should also be handled inside the same VPC or VNet. Sending all traffic out to some centralized firewall for inspection is not the best idea.
Threats can come from distributed places, so we must manage security at multiple levels. It is not enough to just lock the front door with a centralized firewall.
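As an added example (not code from the original page), here is what "security handled inside each VPC" looks like as a posture check: it walks a per-VPC inventory and reports world-open ingress and VPCs with no flow logs. The inventory is a constructed sample shaped like the AWS EC2 DescribeSecurityGroups and DescribeFlowLogs responses, and the public-port allow-list is an assumption.

```python
"""Per-VPC posture check over an inventory shaped like AWS EC2 API responses.
Added example; swap the constants for real boto3 describe_* output to run it."""
from collections import defaultdict

# Constructed sample: vpc-a allows only HTTPS and has flow logs; vpc-b exposes SSH.
SECURITY_GROUPS = [
    {"GroupId": "sg-1", "VpcId": "vpc-a", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-2", "VpcId": "vpc-b", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]
FLOW_LOGS = [{"ResourceId": "vpc-a", "FlowLogStatus": "ACTIVE"}]

ALLOWED_PUBLIC_PORTS = {80, 443}  # assumption: only web ports may be world-reachable


def _is_world(rule):
    """True if the rule's source is 0.0.0.0/0 or ::/0."""
    return any(r.get("CidrIp") == "0.0.0.0/0" for r in rule.get("IpRanges", [])) or \
           any(r.get("CidrIpv6") == "::/0" for r in rule.get("Ipv6Ranges", []))


def find_open_ingress(security_groups):
    """Return {vpc_id: [(group_id, ports), ...]} for world-open ingress outside the allow-list."""
    findings = defaultdict(list)
    for sg in security_groups:
        for rule in sg.get("IpPermissions", []):
            if not _is_world(rule):
                continue
            if rule.get("IpProtocol") == "-1":  # all protocols and ports
                findings[sg["VpcId"]].append((sg["GroupId"], "all"))
                continue
            lo, hi = rule.get("FromPort"), rule.get("ToPort")
            ports = set(range(lo, hi + 1)) if lo is not None else set()
            if not ports or not ports <= ALLOWED_PUBLIC_PORTS:
                findings[sg["VpcId"]].append((sg["GroupId"], f"{lo}-{hi}"))
    return dict(findings)


def vpcs_without_flow_logs(security_groups, flow_logs):
    """VPCs present in the inventory that have no ACTIVE flow log (no in-VPC visibility)."""
    logged = {fl["ResourceId"] for fl in flow_logs if fl.get("FlowLogStatus") == "ACTIVE"}
    return sorted({sg["VpcId"] for sg in security_groups} - logged)


if __name__ == "__main__":
    print(find_open_ingress(SECURITY_GROUPS))                  # {'vpc-b': [('sg-2', '22-22')]}
    print(vpcs_without_flow_logs(SECURITY_GROUPS, FLOW_LOGS))  # ['vpc-b']
```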