What is VPC in AWS
Last updated on Jun 12, 2024
What is VPC in AWS - Table of Content
- What is a VPC in AWS?
- Architecture of VPC
- Elements of Amazon VPC
- What can you do with a VPC?
- Conclusion
What is Amazon VPC?
Amazon Virtual Private Cloud or Amazon VPC is an AWS service that provides you with a separate area of the cloud. Having this separate area, you can launch your own defined AWS services in a virtual network.
Here, in VPC you have complete control of your virtual environment which includes IP address range, the configuration of route tables, the creation of subnets, and network gateways. Also, the network configurations can be easily customised for the Amazon VPC.
Like all the other AWS services, Amazon VPC provides top-notch security. It has multiple layers of security which include network access control lists and security groups to manage the Amazon EC2 instances’ access in each subnet.
We have the perfect professional AWS Training course for you. Enroll now!
Now to understand the entire scenario of VPC, even better, let's have a look at the architecture of VPC.
Architecture of VPC
- The above picture shows the architecture of VPC, so there’s an outer region and inside that outer region there’s an Internet Gateway and Virtual Private Gateway.
- Internet Gateway and Virtual Private Gateway are what help in the connection with the VPC. These connections pass through the router which directs the coming traffic to the router table.
- The two Router Tables then direct the traffic to Network ACL, which is like a firewall for security purposes.
- The Network ACLs can either accept or deny the roles. Also, the IP Address can be blocked on the Network ACL.
- The respective Network ACL signals to their respective security groups to access lines against the EC2 Instance.
- Now, there are two subnets - Public Subnet and Private Subnet.
As the name suggests, in the public subnet internet can be accessed by the EC2, while in the private subnet EC2 instance cannot be accessed through the internet. - There’s also a process called “Jump Boxes” which enables you to connect the EC2 Instances (the public subnet can be connected to the private subnet’s instance).
Now, when we know about the architecture of VPC, it's time to understand the different elements of VPC.
Top 50+ Frequently Asked AWS Interview Questions !
AWS Training
- Master Your Craft
- Lifetime LMS & Faculty Access
- 24/7 online expert support
- Real-world & Project Based Learning
Elements of Amazon VPC.
The elements included in the Amazon VPC are:
IPv6 and IPv4 address blocks
VPC IP addresses use CIDR (Classless Interdomain Routing) IPv6 and IPv4 blocks to define their ranges. Primary and secondary CIDR blocks can be added to the VPC if the secondary Classless Interdomain Routing block comes from a similar address range as the primary block.
Subnet Creation
The EC2 Instance that is launched runs inside a specific VPC subnet. And, each subnet’s CIDR as a subset of the VPC Classless Interdomain Routing block. Every subnet separates its respective traffic from all the other VPC subnet traffic. It must be noted that a subnet can only have one CIDR block and different subnets are to be designated to handle diverse traffic types.
Route Tables
Route Tables are actually the rule book that decides how much network traffic must be directed inside the VPC and subnets. A default route table is created by the VPC called the main route table. And, this main route table has an automatic association with other VPC subnets.
There are two options - either the main route table can be updated and used to direct network traffic OR a new route table can be created for individual subnet traffic.
Internet Connectivity
Each VPC configuration is able to host one Internet Gateway and hence provide NAT or the Network Address Translation services using a NAT Gateway or NAT instances.
Elastic IP Addresses (EIPs)
Elastic IP Addresses or EIPs are IPv4 addresses permanently allocated to the user’s AWS account. The EIPs enable public internet access to the following:
- An instance
- Elastic Network Interface or ENI
- Miscellaneous services that require a public IP address.
Network/Subnet Security
In the VPC architecture, you had seen there’s something called the “security group,” so VPCs use those security groups to give protection for instances. These security groups are referred to as firewalls by AWS.
Additional Networking Services
There are several more services provided by a VPC. The VPC can also be used to configure the following:
- Virtual Private Networks or VPNs
- Direct connectivity between VPCs or VPC peering
- Gateways
- Mirror sessions
Now, when you are well versed with the basics of Amazon VPC, let’s have a look at what you can do with a VPC.
Subscribe to our YouTube channel to get new updates..!
What can you do with a VPC?
- Instances can be launched in a subnet that you choose.
- Custom IP address ranges can be assigned in each subnet
- Route Tables can be configured between subnets.
- An internet gateway can be created and attached to your VPC.
- You get excellent security over your AWS resources.
- Security groups can be assigned to individual instances.
Conclusion
By now you would be well versed with everything you need to begin with Amazon Virtual Cloud. In the beginning, we learnt the basics of Amazon VPC and continued to learn its architecture. While at the architecture of VPC, we saw different parts of it and saw each of them briefly.
Once you knew all the architectural parts, you saw the elements of VPC and studied them in brief. Finally, after learning about different elements and several other basics of Amazon Virtual Cloud, we saw the applicability of the same.
Related Articles:
About Author
Ishan is an IT graduate who has always been passionate about writing and storytelling. He is a tech-savvy and literary fanatic since his college days. Proficient in Data Science, Cloud Computing, and DevOps he is looking forward to spreading his words to the maximum audience to make them feel the adrenaline he feels when he pens down about the technological advancements. Apart from being tech-savvy and writing technical blogs, he is an entertainment writer, a blogger, and a traveler.
Upcoming AWS Training Online classes
Batch starts on 21st Dec 2024 |
|
||
Batch starts on 25th Dec 2024 |
|
||
Batch starts on 29th Dec 2024 |
|