Amazon Virtual Private Cloud
Amazon Virtual Private Cloud (Amazon VPC) provides a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. Users have complete control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.
A virtual private cloud is a private cloud computing environment contained within a public cloud. It gives you the benefits of the traditional network you would run in your own data center. Resources and applications in your AWS VPC are reached over IPv4 or IPv6.
For example: the public cloud is a restaurant, and a virtual private cloud is a reserved table in that restaurant. Even though the restaurant is full of people, a table with a Reserved sign on it can only be used by the person who made the reservation.
Buy the best book for AWS: "AWS Certified Solutions Architect Study Guide" by Ben Piper and David Clinton, and "Google Cloud Certified – Professional Cloud Architect" by Dan Sullivan
VPC Elements:
1. Subnets: A subnet is a range of IP addresses in your VPC (a portion of the VPC's address block) into which you launch resources; all devices whose addresses share that prefix are in the same subnet. Whether a subnet is public or private is decided by its route table, not by a flag: a public subnet is associated with a route table that has a route to an internet gateway, so resources in it that have a public IP address are reachable from the internet; a private subnet has no such route, so its resources are not exposed to the outside world (they can still reach out to the internet through a NAT gateway if the route table sends outbound traffic there).
2. Route Table: A route table is a set of rules (routes) that determine where network traffic from a subnet is directed. Each route specifies a destination (an IP address range in CIDR notation) and a target (where traffic for that destination is sent). The target can be a NAT gateway, a virtual private gateway, an internet gateway, a VPC peering connection, etc. Every route table contains a local route for the VPC's own address block that cannot be removed, and each subnet is associated with exactly one route table; a subnet with no explicit association uses the VPC's main route table.
3. Internet Gateways: This VPC component is horizontally scaled, highly available and redundant. VPCs use an internet gateway to communicate with the internet at large. An internet gateway serves two purposes:
- performing one-to-one network address translation for instances that have been assigned a public IPv4 address, between that public address and the instance's private address;
- providing a target in VPC route tables for internet-routable traffic.
Attaching an internet gateway by itself exposes nothing: an instance is reachable from the internet only if it also has a public IPv4 or Elastic IP address, its subnet's route table sends traffic to the gateway, and its security group and network ACL allow the traffic.
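The three elements above combine in one check a practitioner runs often: deciding which subnets are really public. The following added example (not code from the original article) does that offline on a constructed snapshot shaped like the JSON returned by `aws ec2 describe-route-tables` and `aws ec2 describe-subnets`; every subnet, route table, NAT gateway and internet gateway ID in it is made up. It resolves each subnet's effective route table (explicit association, otherwise the main table), performs the longest-prefix lookup the VPC router performs, classifies a subnet as public when its table has any route to an internet gateway, and flags subnets where a freshly launched instance would be internet-reachable with no further action.

```python
"""Which subnets are public? Derive it from route tables, not from names.

Added example, not code from the original article. It runs offline on a
constructed snapshot shaped like the JSON that `aws ec2 describe-route-tables`
and `aws ec2 describe-subnets` return; every ID and CIDR here is made up.
"""
import ipaddress

# Constructed sample: one VPC (10.0.0.0/16), three subnets, two route tables.
# The "main" table applies to any subnet without an explicit association.
ROUTE_TABLES = [
    {
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0a1b"},
        ],
    },
    {
        "RouteTableId": "rtb-public",
        "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0c2d"},
        ],
    },
]

SUBNETS = [
    {"SubnetId": "subnet-web", "CidrBlock": "10.0.0.0/24", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-app", "CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": False},
    {"SubnetId": "subnet-db", "CidrBlock": "10.0.2.0/24", "MapPublicIpOnLaunch": True},
]

# AWS stores a route's target under a key named for the target's type.
TARGET_KEYS = ("GatewayId", "NatGatewayId", "VpcPeeringConnectionId",
               "TransitGatewayId", "NetworkInterfaceId", "InstanceId")


def route_target(route):
    """Return the route's target, whichever key it was stored under."""
    for key in TARGET_KEYS:
        if key in route:
            return route[key]
    return None


def effective_route_table(subnet_id, route_tables):
    """An explicit subnet association wins; otherwise the VPC's main table applies."""
    main = None
    for rtb in route_tables:
        for assoc in rtb["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return rtb
            if assoc.get("Main"):
                main = rtb
    return main


def lookup_route(rtb, dest_ip):
    """Longest-prefix match, as the VPC router does: the most specific
    route that covers the destination decides the target."""
    addr = ipaddress.ip_address(dest_ip)
    best_net, best_target = None, None
    for route in rtb["Routes"]:
        cidr = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if not cidr:
            continue
        net = ipaddress.ip_network(cidr)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, route_target(route)
    return best_target


def classify_subnet(subnet_id, route_tables):
    """'public' if the subnet's route table has any route to an internet
    gateway, 'private' if it reaches out only via a NAT gateway, else 'isolated'."""
    rtb = effective_route_table(subnet_id, route_tables)
    if rtb is None:
        return "isolated"
    targets = [t for t in (route_target(r) for r in rtb["Routes"]) if t]
    if any(t.startswith("igw-") for t in targets):
        return "public"
    if any(t.startswith("nat-") for t in targets):
        return "private"
    return "isolated"


def exposed_by_default(subnets, route_tables):
    """Subnets where a newly launched instance is internet-reachable with no
    further action: public routing plus auto-assigned public IPv4. That is
    the posture a default VPC's subnets ship with."""
    return sorted(s["SubnetId"] for s in subnets
                  if s.get("MapPublicIpOnLaunch")
                  and classify_subnet(s["SubnetId"], route_tables) == "public")


if __name__ == "__main__":
    for s in SUBNETS:
        print(s["SubnetId"], s["CidrBlock"], classify_subnet(s["SubnetId"], ROUTE_TABLES))
    print("exposed by default:", exposed_by_default(SUBNETS, ROUTE_TABLES))
```

Note that `subnet-db` has auto-assign public IP turned on but is classified private: its instances would get a public address that nothing can route to, which is harmless but usually a sign of a copied subnet setting. `subnet-web` is the one to review, since everything launched there is reachable from the internet as soon as its security group allows it.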
Types of AWS VPC:
1. Default VPC: A default VPC is created automatically for your AWS account in each Region (for accounts created after December 2013), so you can launch EC2 resources without building a network first. It comes ready for internet access: an internet gateway is attached, there is a public subnet in each Availability Zone, the main route table sends 0.0.0.0/0 to the internet gateway, and instances launched into its subnets receive a public IPv4 address by default. The security consequence is that an instance launched into the default VPC without further thought is internet-facing; accounts that do not need it commonly delete the default VPC, or at least avoid placing workloads in it.
2. Custom VPC: Also known as a non-default VPC, because it is not created automatically when EC2 resources are provisioned; the customer creates the VPC and everything in it (subnets, route tables, gateways) by hand. Instances launched into a custom VPC's subnets do not receive a public IPv4 address unless the subnet's auto-assign public IP attribute is enabled or a public IP or Elastic IP address is requested explicitly, and the VPC has no internet access until an internet gateway is attached and routed to.
Advantages of VPC:
- Create a layered network of resources, for example a public tier for load balancers and a private tier for application and database instances.
- Private IPv4 addresses persist across instance stop and start; an Elastic IP address gives a public IPv4 address that persists as well (an ordinary auto-assigned public IPv4 address is released when the instance stops).
- Network ACLs add a second, stateless layer of filtering at the subnet boundary, in addition to the security groups on each instance.
- Multiple IPv4 addresses can be assigned to an instance.
- Control both inbound and outbound traffic of instances, with security groups (stateful) and network ACLs (stateless).
- Multiple elastic network interfaces can be attached to an EC2 instance.
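Two of these advantages, network ACLs and control over inbound and outbound traffic, are easiest to understand by watching a request and its reply pass through both layers. The following added example is not code from the original article; it is a small offline simulator using constructed addresses (203.0.113.5 as the client, 10.0.0.10 as the instance) that models security groups as stateful and network ACLs as stateless, then sends an HTTPS request through a weak NACL whose outbound side is restricted to port 443 only, and through a corrected NACL that also allows the client's ephemeral port range.

```python
"""Stateful security groups versus stateless network ACLs.

Added example, not code from the original article. It is an offline
simulator with made-up addresses (203.0.113.5 is the client, 10.0.0.10 the
instance) showing why a network ACL needs an outbound rule for ephemeral
ports while a security group does not.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    """One rule. NACL rules carry a number (lowest evaluated first) and an
    action; security-group rules are allow-only, so number/action are unused."""
    cidr: str
    port_from: int
    port_to: int
    proto: str = "tcp"        # "-1" means all protocols
    number: int = 0
    action: str = "allow"


def _matches(rule, remote_ip, port, proto):
    return (rule.proto in ("-1", proto)
            and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(rule.cidr)
            and rule.port_from <= port <= rule.port_to)


def nacl_decides(rules, pkt, direction):
    """Stateless: each packet is judged alone, in each direction.
    Rules run in ascending number, first match wins, and the implicit '*'
    rule denies anything unmatched. The port compared is always the packet's
    destination port, so a reply to a client's ephemeral port needs an
    outbound rule that covers that range."""
    remote = pkt.src_ip if direction == "inbound" else pkt.dst_ip
    for rule in sorted(rules, key=lambda r: r.number):
        if _matches(rule, remote, pkt.dst_port, pkt.proto):
            return rule.action == "allow"
    return False


class SecurityGroup:
    """Stateful: once a packet is allowed, the reverse direction of that flow
    is allowed automatically, whatever the rules for that direction say."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
        self._flows = set()   # connection tracking

    def decides(self, pkt, direction):
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        reverse = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if reverse in self._flows:
            return True
        rules = self.inbound if direction == "inbound" else self.outbound
        remote = pkt.src_ip if direction == "inbound" else pkt.dst_ip
        if any(_matches(r, remote, pkt.dst_port, pkt.proto) for r in rules):
            self._flows.add(key)
            return True
        return False


def simulate_request(sg, nacl_in, nacl_out, client_ip, instance_ip, dport, sport=50000):
    """Walk a TCP request and its reply through both layers. Inbound traffic
    crosses the subnet NACL first, then the instance's security group; the
    reply leaves through the security group, then the NACL."""
    request = Packet(client_ip, instance_ip, sport, dport)
    response = Packet(instance_ip, client_ip, dport, sport)
    if not (nacl_decides(nacl_in, request, "inbound") and sg.decides(request, "inbound")):
        return {"request": False, "response": False}
    ok = sg.decides(response, "outbound") and nacl_decides(nacl_out, response, "outbound")
    return {"request": True, "response": ok}


ANY = "0.0.0.0/0"


def make_sg():
    # HTTPS in from anywhere and no outbound rules at all: statefulness
    # alone is what lets the HTTPS reply out.
    return SecurityGroup(inbound=[Rule(ANY, 443, 443)], outbound=[])


NACL_IN = [Rule(ANY, 443, 443, number=100)]
# Weak setting: outbound "locked down" to 443 only, so replies to the
# client's ephemeral port are silently dropped.
NACL_OUT_WEAK = [Rule(ANY, 443, 443, number=100)]
# Corrected setting: also allow the ephemeral range clients use.
NACL_OUT_FIXED = [Rule(ANY, 443, 443, number=100), Rule(ANY, 1024, 65535, number=110)]


if __name__ == "__main__":
    for label, out in (("weak", NACL_OUT_WEAK), ("fixed", NACL_OUT_FIXED)):
        print(label, simulate_request(make_sg(), NACL_IN, out, "203.0.113.5", "10.0.0.10", 443))
```

Run as a script, the weak NACL admits the request and then drops the reply, which is exactly the symptom (connections that hang rather than being refused) that leads people to think the security group is wrong. The model covers NACL rule ordering with an explicit deny before an allow, the implicit final deny, and security-group connection tracking; it does not model ICMP or the per-interface details of multiple security groups.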