
Amazon Virtual Private Cloud (VPC)

Amazon VPC: What is a Virtual Private Cloud?


A VPC resembles:

  • Private data centers
  • Private corporate networks

Private Network

  • Private and Public subnets
  • Scalable infrastructure
  • Ability to extend corporate/home network to the cloud as if it were part of your network

Amazon VPC: Benefits of a VPC


  • Ability to launch instances into a subnet
  • Ability to define custom IP address ranges inside of each subnet (private and public)
  • Ability to configure route tables between subnets
  • Ability to configure internet gateways and attach them to subnets
  • Ability to create a layered network of resources
  • Extending our network with VPN/VPG controlled access
  • Ability to use Security Groups and Subnet network ACLs

Understanding the default VPC


  • Default VPC is a different setup from a non-default VPC
  • Default VPC gives users easy access to a VPC without having to configure it
  • Default VPC subnets have internet gateways attached
  • Each instance added has a default private and public IP address
  • If you delete the default VPC, the only way to get it back is to contact AWS

Understanding the non-default VPC


  • Non-default VPCs have private IP addresses but not public IP addresses
  • Can only access resources through elastic IP addresses, VPNs, or gateway instances
  • Do not have internet gateways attached by default

VPC Peering


  • VPC Peering allows you to set up direct network routing between different VPCs using private IP addresses
  • Instances will communicate with each other as if they were on the same private network
  • VPC Peering can occur between other AWS accounts and other VPCs within the same region

Scenarios:

  • Peering two VPCs – Company runs multiple AWS accounts and you need to link all the resources as if they were all under one private network
  • Peering TO a VPC – Multiple VPCs connect to a central VPC but cannot communicate with each other, only with the central VPC (file sharing, customer access, Active Directory)

VPC Scenarios


  • VPC with public subnet only – Single tier apps
  • VPC with public and private subnets – Resources that don’t need public internet access/layered apps
  • VPC with public and private subnets and hardware connected VPN – Extending to on-premises
  • VPC with a private subnet only and hardware VPN access
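The "public and private subnets" scenario above depends on two of the benefits listed earlier: custom IP ranges per subnet and per-subnet route tables. The following added example (not from the original notes) checks a constructed VPC design for those properties: every subnet CIDR must sit inside the VPC CIDR without overlapping another subnet, and a subnet counts as public only if its route table sends 0.0.0.0/0 to an internet gateway. The VPC, subnet names and "igw-"/"nat-" route targets are all constructed sample data.

```python
"""Sanity-check a layered VPC design from constructed data, offline."""
import ipaddress

# Constructed example: one VPC, a web tier, an app tier and a db tier.
# Route targets imitate AWS naming: "local", "igw-..." and "nat-...".
VPC = {
    "cidr": "10.0.0.0/16",
    "subnets": {
        "web": {"cidr": "10.0.1.0/24", "route_table": "rt-public"},
        "app": {"cidr": "10.0.2.0/24", "route_table": "rt-private"},
        "db":  {"cidr": "10.0.3.0/24", "route_table": "rt-private"},
    },
    "route_tables": {
        "rt-public":  [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
        "rt-private": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-example")],
    },
}


def check_cidrs(vpc):
    """Return a list of problems: subnets outside the VPC range or overlapping."""
    problems = []
    vpc_net = ipaddress.ip_network(vpc["cidr"])
    seen = {}
    for name, sub in vpc["subnets"].items():
        net = ipaddress.ip_network(sub["cidr"])
        if not net.subnet_of(vpc_net):
            problems.append(f"{name}: {net} is not inside {vpc_net}")
        for other, other_net in seen.items():
            if net.overlaps(other_net):
                problems.append(f"{name} overlaps {other}")
        seen[name] = net
    return problems


def classify_subnets(vpc):
    """Map subnet name -> 'public' if its route table has a 0.0.0.0/0 route to
    an internet gateway, otherwise 'private' (NAT gateway or no default route)."""
    result = {}
    for name, sub in vpc["subnets"].items():
        routes = vpc["route_tables"][sub["route_table"]]
        defaults = [target for dst, target in routes if dst == "0.0.0.0/0"]
        public = any(target.startswith("igw-") for target in defaults)
        result[name] = "public" if public else "private"
    return result


if __name__ == "__main__":
    print(check_cidrs(VPC))       # []
    print(classify_subnets(VPC))  # {'web': 'public', 'app': 'private', 'db': 'private'}
```

Pointing the db tier's subnet at rt-public would make classify_subnets report it as public, which is the kind of misconfiguration this check is meant to surface before deployment.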

VPC Limits


  • 5 VPCs per region
  • 200 Subnets per VPC
  • 50 Customer gateways per region
  • 5 Internet gateways per region
  • 5 Elastic IP addresses per region for each AWS account
  • 50 VPN connections per region
  • 200 route tables per region
  • 500 security groups per region