Introduction to AWS VPC (Virtual Private Cloud)

Introduction

VPC stands for Virtual Private Cloud. It is a foundational building block of cloud infrastructure and is offered by every major cloud provider, including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). A VPC lets an organization build its own private, isolated and customizable network environment inside the provider's cloud. Amazon VPC lets you launch AWS resources in a logically isolated virtual network that you define. You have full control over this virtual networking environment: you choose your own IP address range, create subnets, and configure route tables and network gateways. You can also apply multiple layers of security, such as security groups and network access control lists (ACLs), to control access to the Amazon Elastic Compute Cloud (EC2) instances in each subnet.

VPC vs On-premises

A VPC is a private cloud inside a public cloud: it provides a layer of isolation within the provider's shared infrastructure. A private cloud, by contrast, is built in a local environment, that is, a dedicated cloud environment hosted on-premises.

The table below shows the differences between an on-premises private cloud and an AWS VPC.

| Feature       | On-premises                                                            | AWS VPC                                                                  |
|---------------|------------------------------------------------------------------------|--------------------------------------------------------------------------|
| Scalability   | No need to worry about infrastructure; all of it is maintained by AWS  | Highly scalable; you just need to tell the provider your requirement     |
| Data Security | Offers less security; the chances of data loss are higher              | No need to worry about infrastructure; all of it is maintained by AWS    |
| Maintenance   | Infrastructure maintenance and its cost                                | Capital cost, maintenance cost                                           |
| Pricing       | No need to worry about infrastructure; all of it is maintained by AWS  | Pay-as-you-go pricing                                                    |

How Amazon VPC works

As defined above, a VPC is a virtual network, and AWS provides the platform on which you create VPCs. Each VPC is logically isolated from other virtual networks in the AWS cloud. The virtual network you create resembles a traditional network that you would operate in your own data center, but it runs on the scalable infrastructure of AWS.

The visual above shows a VPC and the Preview panel that displays the created VPC when you create one with the AWS Management Console. You can access this visual on the Resource map tab. It shows the created VPC together with the subnets you created in it, the route table associated with each subnet, and further details about your VPC.

Key Components

A VPC isolates your computing resources from the other computing resources in the public cloud. Its key components are:

1. Subnets 

Each VPC consists of one or more IP address ranges called subnets, i.e. a subnet is a range of IP addresses within your VPC. You create AWS resources, such as EC2 instances, in specific subnets.

Depending on how you configure routing for a subnet, it is one of the following types:

  • Public subnet – A public subnet is a subnet that is associated with a route table that has a route to an internet gateway. This route allows resources in the public subnet to reach the internet.
  • Private subnet – A private subnet is a subnet that is associated with a route table that does not have a route to the internet gateway. Resources in private subnets cannot communicate directly with the public internet.

2. IP Addressing

In a VPC, IP addresses let your resources communicate with each other and with other resources over the internet. You can assign both IPv4 and IPv6 address ranges to your VPCs and subnets. You can also attach an IPv6 Global Unicast Address (GUA) to AWS resources in your VPC, such as EC2 instances and NAT gateways.

3. Routing

You use a route table to determine where network traffic from your subnet or gateway is directed.

4. Gateway and Endpoints

A gateway in a VPC connects it to another network. For example, you use an internet gateway to connect your VPC to the internet. A VPC endpoint lets you connect to AWS services privately, without using NAT devices or an internet gateway.

5. Peering Connections

To route traffic between the resources in two VPCs, you use a VPC peering connection.

6. Transit gateway

A central hub that routes traffic between your VPCs, AWS Direct Connect gateways, and VPN connections.

7. VPN connection

Connects your on-premises networks to your VPCs with the help of AWS VPN (AWS Virtual Private Network).

Creating AWS VPC

  • If you have an AWS account, log in to it; if not, you have to create an AWS account to access AWS services. You can create your AWS account using the link below.

https://portal.aws.amazon.com/

  • In your AWS account, search for VPC and use the following procedure to create a VPC. A VPC must have additional resources, such as a subnet, route table, and gateway, before you create AWS resources in it.
  • In the Amazon VPC dashboard choose Create VPC.


  • You will find two ways to create a VPC, as shown below: you can choose either VPC only or VPC and more.
  • VPC and more lets you configure subnets, AZs and more while creating the VPC. We will create the VPC using VPC and more.
  • In VPC and more, Amazon provides an auto-generated name for your VPC that you can keep.
  • Enter a value for the CIDR block (10.0.0.0/16 in this example) and use the default setting for Tenancy. You can also enable IPv6 if you want to.
  • Now choose the number of AZs in which you want to provision your subnets. Amazon recommends choosing at least 2 AZs for high availability.
  • You can also customize which AZs are used.
  • Select the number of private subnets and public subnets you want in your VPC. You can also customize each subnet's CIDR block here, as shown in the picture.
  • Now choose the availability zones in which to create NAT gateways: either a single NAT gateway in one AZ, or one NAT gateway in every AZ.
  • Basically, a NAT gateway is a service that lets instances in a private subnet reach services outside your VPC.
  • Select the endpoint for your VPC; an S3 gateway endpoint reduces NAT gateway charges and improves security by accessing S3 directly from the VPC.
  • You also have the option to enable or disable DNS hostnames and DNS resolution. If you want to add tags to your VPC, use the Additional tags option.
  • You can also preview your VPC, as shown below.
  • Click Create VPC. This automatically creates your subnets, their route tables, the internet gateway and the NAT gateway.
  • Now, in your VPC dashboard, you will see the created VPC; clicking it shows the details of your VPC, as shown below.
  • On the left side, select the Subnets option and you will see the created subnets: two public subnets and two private subnets.
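The same "VPC and more" layout built with boto3 instead of console clicks, as an added example that is not the article's own code. It assumes AWS credentials and a default region are configured; `plan_subnets` carves a /20 per subnet out of the VPC CIDR and can be run without AWS access.

```python
"""Recreate the walkthrough's layout with boto3: a 10.0.0.0/16 VPC, two AZs, one public and one
private subnet per AZ, an internet gateway, a single NAT gateway, and an S3 gateway endpoint.
Added example; assumes AWS credentials and a region are configured (not the article's code)."""
import ipaddress


def plan_subnets(vpc_cidr: str, azs: list[str], new_prefix: int = 20) -> dict:
    """Split the VPC CIDR into /20 blocks: public subnets first, then private, one per AZ."""
    blocks = list(ipaddress.ip_network(vpc_cidr).subnets(new_prefix=new_prefix))
    public = [(az, str(blocks[i])) for i, az in enumerate(azs)]
    private = [(az, str(blocks[len(azs) + i])) for i, az in enumerate(azs)]
    return {"public": public, "private": private}


def create_vpc_and_more(vpc_cidr: str = "10.0.0.0/16", azs=("us-east-1a", "us-east-1b")) -> str:
    import boto3  # imported here so plan_subnets stays usable offline

    ec2 = boto3.client("ec2")
    vpc_id = ec2.create_vpc(CidrBlock=vpc_cidr)["Vpc"]["VpcId"]
    ec2.modify_vpc_attribute(VpcId=vpc_id, EnableDnsHostnames={"Value": True})
    igw_id = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
    ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
    plan = plan_subnets(vpc_cidr, list(azs))

    def mk_subnet(az: str, cidr: str) -> str:
        return ec2.create_subnet(VpcId=vpc_id, CidrBlock=cidr, AvailabilityZone=az)["Subnet"]["SubnetId"]

    public_ids = [mk_subnet(az, c) for az, c in plan["public"]]
    private_ids = [mk_subnet(az, c) for az, c in plan["private"]]
    # Public route table: default route via the internet gateway makes these subnets public.
    pub_rt = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.create_route(RouteTableId=pub_rt, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)
    for sid in public_ids:
        ec2.associate_route_table(RouteTableId=pub_rt, SubnetId=sid)
    # One NAT gateway in the first public subnet (the "1 NAT gateway in 1 AZ" console option).
    eip = ec2.allocate_address(Domain="vpc")["AllocationId"]
    nat_id = ec2.create_nat_gateway(SubnetId=public_ids[0], AllocationId=eip)["NatGateway"]["NatGatewayId"]
    ec2.get_waiter("nat_gateway_available").wait(NatGatewayIds=[nat_id])
    # Private route table: egress only via NAT; S3 traffic bypasses NAT through the gateway endpoint.
    priv_rt = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.create_route(RouteTableId=priv_rt, DestinationCidrBlock="0.0.0.0/0", NatGatewayId=nat_id)
    for sid in private_ids:
        ec2.associate_route_table(RouteTableId=priv_rt, SubnetId=sid)
    ec2.create_vpc_endpoint(VpcId=vpc_id, ServiceName=f"com.amazonaws.{ec2.meta.region_name}.s3",
                            VpcEndpointType="Gateway", RouteTableIds=[priv_rt])
    return vpc_id
```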


  • In the public subnet, we create a bastion host to connect to resources in the private subnet.
  • On the left-hand side, just below Subnets, you will find Route tables. Click it, and in the Route tables dashboard you will find the route tables created with the VPC.
  • A route table tells your VPC where network traffic will be routed. It consists of routes that define where traffic from the associated subnets is sent. When you create a VPC, a default (main) route table is created automatically. When a subnet has no explicitly associated route table, the main route table is used by default.
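To check that the subnets came out as intended (public ones with an internet-gateway default route, private ones reaching out only through the NAT gateway and the S3 endpoint), here is an added audit script, not the article's code. The sample route tables are constructed to mirror the shape of the EC2 DescribeRouteTables response; with credentials you would pass `ec2.describe_route_tables()["RouteTables"]` instead.

```python
"""Classify each subnet as public or private from the route table it actually uses
(explicit association, else the VPC's main table), as described in the walkthrough."""

# Constructed sample in the shape of DescribeRouteTables output (not captured from a real account).
SAMPLE_ROUTE_TABLES = [
    {   # main table: no IGW route, so unassociated subnets are private
        "RouteTableId": "rtb-main0001",
        "Associations": [{"Main": True, "RouteTableId": "rtb-main0001"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0001", "State": "active"},
            {"DestinationPrefixListId": "pl-s3", "GatewayId": "vpce-s3gw", "State": "active"},
        ],
    },
    {   # public table: default route to the internet gateway
        "RouteTableId": "rtb-pub0001",
        "Associations": [
            {"Main": False, "RouteTableId": "rtb-pub0001", "SubnetId": "subnet-pub-a"},
            {"Main": False, "RouteTableId": "rtb-pub0001", "SubnetId": "subnet-pub-b"},
        ],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0001", "State": "active"},
        ],
    },
]
SAMPLE_SUBNETS = ["subnet-pub-a", "subnet-pub-b", "subnet-priv-a", "subnet-priv-b"]


def effective_route_table(route_tables: list, subnet_id: str) -> dict:
    """Return the subnet's explicitly associated table, falling back to the main table."""
    main = None
    for rt in route_tables:
        for assoc in rt["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def classify_subnet(route_tables: list, subnet_id: str) -> dict:
    """Public if an active default route targets an internet gateway; also flag NAT and endpoint routes."""
    rt = effective_route_table(route_tables, subnet_id)
    igw = nat = endpoint = False
    for r in rt["Routes"]:
        if r.get("State") != "active":
            continue  # blackholed routes do not carry traffic
        default = r.get("DestinationCidrBlock") == "0.0.0.0/0" or r.get("DestinationIpv6CidrBlock") == "::/0"
        igw |= default and str(r.get("GatewayId", "")).startswith("igw-")
        nat |= default and "NatGatewayId" in r
        endpoint |= str(r.get("GatewayId", "")).startswith("vpce-")
    return {"subnet": subnet_id, "route_table": rt["RouteTableId"],
            "type": "public" if igw else "private", "nat_egress": nat, "s3_endpoint": endpoint}


def audit_vpc(route_tables: list, subnet_ids: list) -> list:
    return [classify_subnet(route_tables, s) for s in subnet_ids]
```

Running `audit_vpc(SAMPLE_ROUTE_TABLES, SAMPLE_SUBNETS)` reports the two explicitly associated subnets as public and the two that fall back to the main table as private with NAT egress and the S3 endpoint route.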
