What is Amazon VPC?
The Amazon Virtual Private Cloud (Amazon VPC) is a custom-defined virtual network within the AWS Cloud. You can provision your own logically isolated section of AWS, similar to designing and implementing a separate independent network that would operate in an on-premises data center.
It is the networking layer for Amazon EC2, and it allows you to build your own virtual network within AWS. You control various aspects of your Amazon VPC, including selecting your own IP address range; creating your own subnets; and configuring your own route tables, network gateways, and security settings.
What are the components of a VPC?
A VPC consists of the following components:
- Subnets: A segment of a VPC's IP address range where you can place EC2 instances.
- Route tables: A logical construct within an Amazon VPC that contains a set of rules (called routes) that are applied to the subnet and used to determine where network traffic is directed.
- Dynamic Host Configuration Protocol (DHCP) option sets: DHCP provides a standard for passing configuration information to hosts on a TCP/IP network. The options field of a DHCP message contains the configuration parameters.
- Security groups: The first level of firewall, which controls inbound and outbound network traffic to AWS resources and Amazon EC2 instances.
- Network Access Control Lists (ACLs): The second level of firewall, which controls inbound and outbound network traffic to AWS resources at the subnet level.
An Amazon VPC has the following optional components:
- Elastic IP (EIP) addresses: A static, public IP address in the AWS region that you can allocate to your account and release. EIPs allow you to maintain a set of IP addresses that remain fixed while the underlying infrastructure may change over time.
- Elastic Network Interfaces (ENIs): A virtual network interface that you can attach to an instance in an Amazon VPC.
- Endpoints: Enable private connectivity to services hosted in AWS from within your VPC, without using an Internet Gateway, VPN, or Network Address Translation (NAT) devices.
- Peering: A peering connection enables you to route traffic via private IP addresses between two peered VPCs.
- Internet Gateway: The Amazon VPC side of a connection to the public Internet.
- Network Address Translation (NAT) instances and NAT gateways: A highly available, managed Network Address Translation (NAT) service for your resources in a private subnet to access the Internet.
- Virtual Private Gateway (VPG), Customer Gateways (CGWs), and Virtual Private Networks (VPNs)
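The route table, Internet Gateway and NAT gateway entries above together decide which subnets are reachable from the Internet. The following is an added example, not AWS code: it resolves a destination against a route table by picking the most specific matching route, then labels each subnet by where its Internet-bound traffic goes. The subnet names, CIDR ranges and target IDs are constructed for illustration.

```python
import ipaddress

# Constructed sample route tables, keyed by a hypothetical subnet name.
# Each route is (destination CIDR, target); the target IDs are made up.
ROUTE_TABLES = {
    "web-subnet": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-0example")],
    "app-subnet": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-0example")],
    "db-subnet": [("10.0.0.0/16", "local")],
    "peered-subnet": [("10.0.0.0/16", "local"), ("10.1.0.0/16", "pcx-0example"),
                      ("0.0.0.0/0", "nat-0example")],
}

def resolve(routes, dest_ip):
    """Return the target of the most specific route matching dest_ip, or None."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        # Longest prefix wins: a /16 route beats the /0 default route.
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None

def classify(routes):
    """Label a subnet by where its Internet-bound traffic is sent."""
    # 198.51.100.10 is a documentation address standing in for an Internet host.
    target = resolve(routes, "198.51.100.10")
    if target is None:
        return "isolated"             # no route out of the VPC at all
    if target.startswith("igw-"):
        return "public"               # default route points at an Internet Gateway
    if target.startswith("nat-"):
        return "private-with-egress"  # outbound only, through a NAT gateway
    return "other"

def audit(tables):
    """Map every subnet name to its exposure label."""
    return {name: classify(routes) for name, routes in tables.items()}

if __name__ == "__main__":
    for name, label in audit(ROUTE_TABLES).items():
        print(f"{name}: {label}")
```

A subnet labelled public is where security groups and network ACLs carry the most weight, since its instances can be addressed from the Internet.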