Amazon Virtual Private Cloud (VPC)
Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources into a logically isolated virtual network that you define. This virtual network closely resembles a traditional network that you would run in your own data center, with the added benefit of AWS’s scalable infrastructure.
Each VPC you create is logically isolated from every other virtual network in the AWS Cloud, and each one is fully customizable: you can choose and change its IP address range, create subnets, configure route tables, and so on.
In this blog, we will discuss Amazon VPC in detail: how it works, VPCs and subnets, default and nondefault VPCs, and the main elements you use to configure networking inside a VPC.
How Amazon VPC works
A VPC operates much like a traditional TCP/IP network, and it can be expanded and scaled as needed. However, the data center components you are used to dealing with, such as routers, switches and VLANs, do not exist as explicit devices in a VPC; they have been abstracted and re-engineered into cloud software.
Let’s first understand this in plain terms:
When we create resources in AWS, we can place them in the account’s default VPC or in a custom VPC that we create and assign ourselves.
When we create a VPC, we are essentially creating a container for our resources. The instances depicted in the figure below sit in different Availability Zones and communicate with one another through the VPC’s implicit virtual router, which AWS provides for every VPC.
An internet gateway lets these resources communicate with the internet and with other resources outside the VPC. This is how a VPC works.
Amazon VPCs and subnets
A virtual private cloud (VPC) is a virtual network dedicated to your Amazon Web Services (AWS) account. It is logically isolated from other virtual networks in the AWS Cloud (the isolation is enforced in software, not by separate hardware). You can choose the VPC’s IP address range, add subnets, associate security groups, and configure route tables.
When you create a VPC, you must specify an IPv4 address range for it in Classless Inter-Domain Routing (CIDR) notation, such as 10.0.0.0/16. AWS accepts VPC blocks between /16 (65,536 addresses) and /28 (16 addresses). The primary CIDR block cannot be changed after creation, although you can associate additional (secondary) CIDR blocks later, so size it for growth up front.
The diagram below depicts a new VPC with an IPv4 CIDR block. After you create a VPC, you can add one or more subnets in each Availability Zone.
A subnet is a range of IP addresses within your VPC. Each subnet must reside entirely within a single Availability Zone and cannot span zones.
You can protect your applications from the failure of a single zone by launching instances in several Availability Zones. The number of subnets per VPC is governed by a service quota (200 by default, adjustable), subnet CIDR blocks within the same VPC must not overlap, and AWS reserves the first four and the last address of every subnet, so a /24 subnet offers 251 usable addresses rather than 254.
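The address-planning rules above are easy to get wrong on paper, so here is an added example (not code from the original article) that checks a proposed VPC and subnet layout the way AWS will before you try to create it: prefix lengths between /16 and /28, every subnet inside the VPC block, no overlapping subnets, and usable host counts that account for the five addresses AWS reserves per subnet. The VPC and subnet values are constructed for illustration.

```python
"""Check a VPC address plan against the rules AWS enforces.

Assumed from the Amazon VPC documentation:
  * a VPC CIDR block is between /16 and /28;
  * each subnet CIDR must lie inside the VPC CIDR, also be /16../28, and
    must not overlap any other subnet in the same VPC;
  * AWS reserves the first four and the last address of every subnet.
The VPC and subnet values used below are constructed for illustration.
"""
import ipaddress
from itertools import islice

AWS_RESERVED_PER_SUBNET = 5
MIN_PREFIX, MAX_PREFIX = 16, 28


def usable_hosts(cidr: str) -> int:
    """Host addresses you can actually assign in a subnet of this size."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def carve(vpc_cidr: str, new_prefix: int, count: int) -> list:
    """Split the VPC into `count` equal /new_prefix subnets, e.g. one per
    Availability Zone. Returns the subnet CIDRs as strings."""
    vpc = ipaddress.ip_network(vpc_cidr)
    return [str(n) for n in islice(vpc.subnets(new_prefix=new_prefix), count)]


def plan_problems(vpc_cidr: str, subnets: dict) -> list:
    """`subnets` maps a subnet name to its CIDR. Returns a list of readable
    violations; an empty list means the plan is valid."""
    problems = []
    try:
        # strict=True rejects blocks with host bits set, e.g. 10.0.0.1/24
        vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    except ValueError as err:
        return [f"VPC {vpc_cidr}: {err}"]
    if not MIN_PREFIX <= vpc.prefixlen <= MAX_PREFIX:
        problems.append(f"VPC {vpc_cidr}: prefix must be /{MIN_PREFIX}../{MAX_PREFIX}")

    seen = []  # (name, network) of subnets accepted so far, for overlap checks
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as err:
            problems.append(f"{name}: {err}")
            continue
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            problems.append(f"{name}: prefix must be /{MIN_PREFIX}../{MAX_PREFIX}")
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {cidr} is outside the VPC block {vpc_cidr}")
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name}: {cidr} overlaps {other_name} ({other})")
        seen.append((name, net))
    return problems


if __name__ == "__main__":
    # Constructed plan: two public /24s and one private /20 in a /16 VPC.
    plan = {"public-a": "10.0.0.0/24", "public-b": "10.0.1.0/24",
            "private-a": "10.0.128.0/20"}
    print("problems:", plan_problems("10.0.0.0/16", plan))
    print("usable hosts in a /24:", usable_hosts("10.0.0.0/24"))
    print("one /20 per AZ:", carve("10.0.0.0/16", 20, 3))
```

Run the check before calling the API: a rejected overlap or an oversized block costs you a failed CreateSubnet call, while an undersized VPC block costs you a re-architecture later because the primary CIDR cannot be changed.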
Each VPC is created in, and exists only in, a single AWS Region. AWS Regions are the geographic areas around the world where Amazon clusters its data centers.
The benefit of this regional scope is that a VPC provides network services that originate in that geographic area. If you need to give customers in another Region closer access, you create another VPC there; the two can then be connected with VPC peering or AWS Transit Gateway if they need to talk to each other.
Default and nondefault Amazon VPCs
There are two kinds of VPCs:
- Default VPC
- Nondefault VPC
AWS creates a default VPC for your account in each Region, complete with a public subnet in each Availability Zone, an internet gateway, and a main route table that sends internet-bound traffic to that gateway, so an instance launched into it gets a public IP address and is reachable from the internet out of the box. A nondefault VPC, also called a customer VPC, is not created automatically: you create it yourself, and it starts with only a main route table containing the local route plus a default security group and network ACL, so nothing in it can reach the internet until you add an internet gateway or NAT gateway and a route to it. That convenience is also why production workloads are usually kept out of the default VPC: its public-by-default posture is the opposite of least exposure.
Let’s look at the difference between these two in a tabular format:

| Benchmark | Default VPC | Nondefault VPC |
|---|---|---|
| Creator | AWS | End user |
| Ready to use | Yes (subnets, internet gateway and routes are preconfigured) | Partially (you must add subnets, gateways and routes) |
| Number per Region | One | Up to 5 per Region by default (adjustable service quota) |
| Internet access by default | Yes | No |
Elements of an Amazon VPC
There are various elements that you can use to configure networking in your VPC. Some of the main ones are:
NAT Gateways
A NAT gateway lets instances in a private subnet initiate connections to the internet or to AWS services while preventing the internet from initiating connections to those instances. The NAT gateway itself must be placed in a public subnet (one whose route table points 0.0.0.0/0 at an internet gateway), and the private subnet’s route table must point 0.0.0.0/0 at the NAT gateway; a NAT gateway in a private subnet has no path out and the private instances will silently lose internet access.
Network Access Control Lists (ACL)
Every VPC comes with a default network ACL, which allows all inbound and outbound traffic. A network access control list (ACL) is an optional security layer for your VPC that acts as a stateless firewall controlling traffic in and out of one or more subnets. Rules are numbered and evaluated in ascending order; the first matching rule decides, and an implicit final rule denies anything that no rule matched. Because a network ACL is stateless and matches only on protocol, IP address range and port, it cannot inspect payloads: a rule cannot, for example, block "traffic containing executable files". What it can do is allow inbound TCP port 25 from a given CIDR while a lower-numbered rule denies a known-bad address range. Statelessness also means return traffic must be allowed explicitly, typically with an outbound rule for TCP ports 1024-65535 (the ephemeral port range), or every connection into the subnet will fail at the handshake.
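To make the stateless behaviour concrete, here is an added example (not code from the original article) that simulates how a network ACL evaluates packets: numbered rules, first match wins, implicit final deny, and inbound and outbound judged independently. It shows a rule set that looks reasonable but drops every TCP reply, the corrected set with an explicit ephemeral-port outbound rule, and why a deny must carry a lower number than the allow it is meant to override. The rule sets and the 203.0.113.0/24 and 198.51.100.0/24 client ranges are constructed for illustration (both are documentation address blocks).

```python
"""Simulate network ACL evaluation to show what 'stateless' costs you.

Semantics assumed from the Amazon VPC documentation: rules are evaluated in
ascending rule-number order, the first match decides, and the implicit
final rule (shown as '*' in the console) denies everything else. Inbound
and outbound are evaluated independently; there is no connection tracking.
All rule sets and addresses below are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    number: int     # evaluation order: lowest first
    protocol: str   # "tcp", "udp", "icmp" or "all"
    cidr: str       # remote address range the rule matches
    port_from: int  # destination port range (ignored for icmp and all)
    port_to: int
    action: str     # "allow" or "deny"


def evaluate(rules, protocol, remote_ip, dst_port):
    """Decide one packet in one direction. Returns "allow" or "deny"."""
    addr = ipaddress.ip_address(remote_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("all", protocol):
            continue
        if addr not in ipaddress.ip_network(rule.cidr):
            continue
        if rule.protocol in ("tcp", "udp") and not (rule.port_from <= dst_port <= rule.port_to):
            continue
        return rule.action
    return "deny"  # the implicit '*' rule


def tcp_session_allowed(inbound, outbound, client_ip, client_port, server_port):
    """An external client opening a TCP session to an instance in the subnet
    needs two independent decisions to be 'allow': the inbound SYN to
    server_port and the outbound reply to the client's ephemeral port. A
    stateful firewall would permit the reply automatically; a network ACL
    does not."""
    syn = evaluate(inbound, "tcp", client_ip, server_port)
    reply = evaluate(outbound, "tcp", client_ip, client_port)
    return syn == "allow" and reply == "allow"


# Constructed rule sets.
ALLOW_HTTPS_IN = Rule(100, "tcp", "0.0.0.0/0", 443, 443, "allow")
ALLOW_EPHEMERAL_OUT = Rule(100, "tcp", "0.0.0.0/0", 1024, 65535, "allow")
DENY_BAD_RANGE = Rule(50, "tcp", "198.51.100.0/24", 0, 65535, "deny")

# Looks right, but every TCP handshake fails: the reply hits '*' outbound.
NAIVE_IN, NAIVE_OUT = [ALLOW_HTTPS_IN], []
# Stateless done properly: the return path is allowed explicitly.
WORKING_IN, WORKING_OUT = [ALLOW_HTTPS_IN], [ALLOW_EPHEMERAL_OUT]
# A deny must carry a LOWER number than the allow it is meant to override...
BLOCKLIST_IN = [DENY_BAD_RANGE, ALLOW_HTTPS_IN]
# ...otherwise the broad allow matches first and the deny never fires.
MISORDERED_IN = [ALLOW_HTTPS_IN, Rule(150, "tcp", "198.51.100.0/24", 0, 65535, "deny")]


if __name__ == "__main__":
    client, eph = "203.0.113.7", 51515
    print("naive:", tcp_session_allowed(NAIVE_IN, NAIVE_OUT, client, eph, 443))
    print("working:", tcp_session_allowed(WORKING_IN, WORKING_OUT, client, eph, 443))
    print("blocklisted client:", tcp_session_allowed(BLOCKLIST_IN, WORKING_OUT, "198.51.100.9", eph, 443))
    print("misordered deny:", evaluate(MISORDERED_IN, "tcp", "198.51.100.9", 443))
```

The practical reading: when a network ACL is tightened and connections start timing out rather than being refused, check the outbound ephemeral-port rule first, and when a deny rule "does nothing", check that its number is lower than every allow that could match the same traffic.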
Route Table
A route table is a set of rules, called routes, that determine where network traffic from your subnet or gateway is directed. Every VPC has a main route table, every subnet is associated with exactly one route table (the main one unless you associate another), and every table contains a local route for the VPC’s CIDR block that you cannot remove. When several routes match a destination, the most specific one (the longest prefix) wins.
Internet Gateway
An internet gateway is a horizontally scaled, redundant and highly available VPC component that allows communication between your VPC and the internet. It imposes no availability risk or bandwidth constraint on your network traffic. Attaching one is not enough on its own: a subnet is only "public" when its route table sends 0.0.0.0/0 to the gateway, and an instance in it is only reachable when it also has a public or Elastic IP address and its security group and network ACL allow the traffic.
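The three elements above (NAT gateway, route table, internet gateway) come together in one decision: the route a subnet’s table picks for a packet. Here is an added example (not code from the original article) that performs that longest-prefix lookup over constructed route tables and classifies a subnet as public, private or isolated by where its default route points. The VPC CIDR is constructed, and the gateway identifiers such as igw-placeholder are placeholders, not real AWS resource IDs.

```python
"""Route-table lookup for a VPC subnet, and what it says about the subnet.

Assumed from the Amazon VPC documentation: every route table carries an
unremovable local route for the VPC CIDR, and the most specific matching
route wins. A subnet whose table sends 0.0.0.0/0 to an internet gateway is
public; one that sends it to a NAT gateway is private (outbound only); one
with no default route is isolated. The route tables below are constructed
and the target IDs are placeholders, not real AWS identifiers.
"""
import ipaddress

VPC_CIDR = "10.0.0.0/16"                           # constructed
IGW, NAT, PEERING = "igw-placeholder", "nat-placeholder", "pcx-placeholder"


def build_route_table(extra_routes):
    """Every route table starts with the local route AWS adds for the VPC
    CIDR; the extra (cidr, target) pairs are what you add yourself."""
    return [(VPC_CIDR, "local")] + list(extra_routes)


def lookup(route_table, dst_ip):
    """Longest-prefix match. Returns the target, or None when no route
    matches (the VPC drops such packets)."""
    dst = ipaddress.ip_address(dst_ip)
    best_net, best_target = None, None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def classify_subnet(route_table):
    """Judge the subnet by its default route. This is only half of 'public':
    an instance also needs a public or Elastic IP to be reached from outside."""
    target = dict(route_table).get("0.0.0.0/0")
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private"
    return "other"


# Constructed tables: a public subnet, a private subnet that also peers with
# a 172.16.0.0/12 network, and an isolated subnet with only the local route.
PUBLIC_RT = build_route_table([("0.0.0.0/0", IGW)])
PRIVATE_RT = build_route_table([("0.0.0.0/0", NAT), ("172.16.0.0/12", PEERING)])
ISOLATED_RT = build_route_table([])


if __name__ == "__main__":
    for name, table in (("public", PUBLIC_RT), ("private", PRIVATE_RT), ("isolated", ISOLATED_RT)):
        print(name, classify_subnet(table),
              "in-VPC ->", lookup(table, "10.0.3.4"),
              "peer ->", lookup(table, "172.20.1.1"),
              "internet ->", lookup(table, "203.0.113.5"))
```

Two things the output makes visible that the prose only states: the local route beats the default route for in-VPC destinations because /16 is longer than /0, and a peering route beats the NAT route for the peered range for the same reason, so traffic to the partner network never leaves through the NAT gateway.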