Scribd
Upload
26 views

Lesson 2 VPC

The document discusses Amazon Virtual Private Cloud (VPC). VPC allows users to provision virtual networks that are logically isolated and dedicated to their AWS account. Key components of a VPC include subnets, route tables, security groups, and availability zones. VPC provides security, customization, and monitoring benefits compared to traditional data centers.

Uploaded by

Naveen Dileesha
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
26 views

Lesson 2 VPC

The document discusses Amazon Virtual Private Cloud (VPC). VPC allows users to provision virtual networks that are logically isolated and dedicated to their AWS account. Key components of a VPC include subnets, route tables, security groups, and availability zones. VPC provides security, customization, and monitoring benefits compared to traditional data centers.

Uploaded by

Naveen Dileesha
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 20

Virtual Private Cloud

Core AWS Services


• Virtual Private Cloud (VPC)
• Elastic Compute Cloud (EC2)

2
Core AWS Services
Amazon Virtual Private Cloud (VPC)

Understand the VPC concepts

o Networking
o Subnets
o Security
o Virtual Private Network (VPN)
Virtual Private Cloud (VPC)
When we start using AWS, the VPC is a type of ecosystem:

• everything shares the same network

VPC usually consists of:


• Subnets
• Route Tables
• EC2 Servers
• Network ACLs
• Security Groups
• Availability Zones
Virtual Private Cloud (VPC)
VPC allow you to provision virtual networks hosted on AWS
cloud and dedicated to your AWS account

o Have complete control over your virtual networking


environment
o VPCs are logically isolated from other virtual networks
o Many AWS resources, such as EC2 instances are launched
into VPCs
o VPCs key features are configurable:
• IP Address Ranges
• Routing
• Network Gateways
• Security Settings
Virtual Private Cloud (VPC) benefits
o Secure and monitored network connections
o Amazon VPC provides advanced security features that
allow you to perform inbound and outbound filtering at the
instance and subnet level.
o Amazon VPC also has monitoring features that let you
perform functions like out-of-band monitoring and inline
traffic inspection, which help you screen and secure traffic
Virtual Private Cloud (VPC) benefits
o Simple set-up and use
o With Amazon VPC's simple set-up, you spend less time
setting up, managing, and validating,
o You can create a VPC easily using the AWS Management
Console or Command Line Interface (CLI).
o VPC automatically creates the subnets, IP ranges, route
tables, and security groups you need.
Virtual Private Cloud (VPC) benefits
o Customizable virtual network
o Amazon VPC helps you control your virtual networking
environment by letting you choose your own IP Address
range, create your own subnets, and configure route tables
to any available gateways.
o You can customize the network configuration by creating a
public-facing subnet for your web servers that has access to
the internet.
o Place your backend systems, such as databases or
application servers, in a private-facing subnet.
Virtual Private Cloud (VPC)
o Each VPC lives in a region
o VPCs can include resources in more than one Available
Zone
o Possible to create multiple VPCs in the same AWS account
and regions
VPCs and Subnets
o A subnet defines a range of IP addresses in a VPC.
o Launch AWS resources into a subnet that you select
o Each subnet must reside entirely within one Availability
Zone and cannot span zones
VPC Example
o Create an public facing subnet for web servers
o Create a private facing subnet for application and database
servers
o Create a Virtual Private Network (VPN) connection
between organization data center and AWS VPC
VPC Route Tables
o Your VPC has an implicit router, and you use route tables
to control where network traffic is directed.
o Each subnet in your VPC must be associated with a route
table, which controls the routing for the subnet (subnet
route table).
o You can explicitly associate a subnet with a particular route
table.
VPC Servers
o Web servers and application servers in your VPC can
leverage Amazon EC2 elasticity and Auto Scaling features
to grow and shrink as needed
o You can launch your Amazon EC2 resources, such as
instances, into the subnets of your VPC. Your VPC closely
resembles a traditional network that you might operate in
your own data center, with the benefits of using scalable
infrastructure from AWS.
Security in VPC
AWS provides various
security features to protect
the virtual network
environments

o Security Groups

o Network Access Control


List (ACL)

o Key Pairs
VPC Network ACL
o The Network Access Control List (ACL) is an optional
security layer for your VPC. It acts as a firewall for
controlling traffic flow o and from one or more subnets.
Network ACLs can be set up with rules similar to your
security groups
o By default, each network ACL denies all inbound traffic to
and outbound traffic from the associated subnet until you
add rules. You can associate a network ACL with multiple
subnets.
VPC Security group
o Security groups act as a firewall for
associated Amazon EC2 instances,
controlling both inbound and
outbound traffic at the instance
level. When you launch an instance,
you can associate it with one or
more security groups that you've
created
o Rules are added to each security
group, which allows traffic to or
from its associated instances.
Basically, a security group controls
inbound and outbound traffic for
one or more EC2 instances
VPC availability zone
o Region and Availability Zone
Concepts. Each Region is
completely independent. Each
Availability Zone is isolated, but
the Availability Zones in a Region
are connected through low-latency
links
o Regions and Availability Zones
allow anyone to create worldwide
infrastructure with ease. They also
allow for many options for creating
redundancy within your platform.
By properly using these
components, you can create world-
class level systems in terms of both
scale and reach
VPN Connections
Ways to extend organization on-premises networks to the
AWS cloud and securely access them from anywhere
VPN complete system

You might also like