Blog > Introduction to Amazon Virtual Private Cloud (VPC)
Amazon Virtual Private Cloud (Amazon VPC) enables its users to provide a logically isolated section of amazon’s web service cloud where users can launch amazon web services (AWS) and resources into a virtual network. Users will have complete control over their virtual networking environment, including selecting their IP address range, creating a subnet, and configuring route tables network gateways. This virtual network closely resembles a traditional network that the user has to operate in its own data center, with the benefits of using the scalable infrastructure of AWS.
Way Amazon Virtual Private Cloud?
The three most essential benefits provided by Virtual Private Cloud are privacy, security, and prevention from loss of proprietary data. It does not just give the security, but it also provides the ease of connecting to their instances or services.
When a user wants to create an AWS credential, a default virtual private cloud is created, but in industry or at the production level, an organization needs to customize its virtual private cloud. AWS provides the tools required to customize Virtual Private Cloud.
Default VPC | Custom VPC |
The default VPC is created by AWS when the user will create a new account. | The Non-default VPC is created and configured by the user to an EC2 instance. |
All advanced features provided by EC2-VPC are preconfigured. | User must explicitly create a subnet, NAT, security group, internet gateway, etc. |
What is an IP Address?
An IP address is a logical, numerical label assigned as a unique entity to each device in a network. It is beneficial to locate the host in the network through the Network ID and Host ID present in the IP address.
Amazon VPC Terminology
Here are some terminologies that are used in a virtual private cloud (VPC), such as:
- VPC Subnet
- Route Table
- Elastic IPs
- Internet Gateway
- NAT Gateways
- Network ACLs
- Security Groups
Subnet
A range of IP addresses in a Virtual Private Cloud is called a subnet. AWS resources can be launch into a subnet selected by the user. Users can use a public subnet for resources connected to the internet and a private subnet for resources that won’t be connected to the internet.
Key Components of VPC
Internet Gateway and NAT: It is logically enables routing of traffic in the public network.
DNS: Standard DNS, which resolves names used over the internet into IP address.
Elastic IP: It is a static IP that never changes (supports only IPv4).
VPC Endpoints: Private connection between users’ Virtual Private Cloud and other AWS services without using the internet.
VPC Peering: Connection between VPCs
Route Tables: Defines how traffic is routed between each subnet.
Egress only IG: It allows only outbound communication from EC2 over IPv6.
Network Interface: A point of connection between a public and a private network.
VPC Benefits for Business Applications
VPC provides advanced security features such as security groups and access control lists to enable inbound and outbound filtering at the instance and subnet levels. Users can also store data in S3 and restrict access to be only accessible from instances in VPC. User can choose to launch dedicated instances which run on hardware dedicated to a single customer for additional installation. AWS management console helps to create and launch VPC more easily. Additionally, it provides all the same benefits as the rest of the AWS platform regarding scalability and reliability. Amazon VPC provides a variety of connectivity options to connect Virtual Private Cloud to the internet, too; the data center or other VPC is known as VPC peering based on AWS resources that users want to expose publically or privately. The connectivity options are as follows:
- Direct Internet Connection
- Multiple VPC Connection
- Network Address Translation
- Private Connection without NAT
- Secure Datacenter Connection
- AWS Private Link
Author: SVCIT Editorial
Copyright Silicon Valley Cloud IT, LLC.