What is Amazon Virtual Private Cloud?

What is Amazon VPC?

Amazon Virtual Private Cloud (VPC) is a private virtual network that you provision on the infrastructure that Amazon Web Services provides.

With an Amazon VPC, you have complete control over the configuration of your virtual network, including creating subnets, establishing routing policies, and defining security policies.

Figure: Amazon Virtual Private Cloud (source: Wikimedia Commons)

Additionally, you can take advantage of the rich AWS cloud services such as AWS Auto Scaling and Elastic Load Balancing.

Amazon VPC allows you to apply your security and compliance policies using network access control lists, network firewalls, network access groups, and network security groups. Amazon VPC also supports advanced features such as elastic IP addresses and route propagation.

Advantages of using Virtual Private Cloud

  • An Amazon VPC allows you to set up a private, secure AWS environment independent of other AWS customers. You can use your VPC to create resources, such as subnets, that are only accessible to the resources within your VPC.
  • You can connect your resources within the Amazon VPC to resources outside it using an internet gateway.
  • An Amazon VPC provides security at the infrastructure level by giving you complete control over who has access to your resources and data.
  • With an Amazon VPC, you can quickly provision resources in a virtual network with fine-grained access controls independent of your physical network.
  • You can use an Amazon VPC to create secure development, testing, quality assurance (QA), and production environments.

VPC vs. Private Cloud

AWS VPC is the logical subdivision of Amazon Web Services. The cloud is defined by resources such as subnets, route tables, security groups, and Internet access control lists.

VPCs allow you to put resources in different subnets and public or private web properties. You can take advantage of VPC to implement security and network policies.

A private cloud is a set of virtual computers owned by a single organization. The company can control, manage, and access the private cloud whenever needed. The private cloud is more secure, cost-efficient, and manageable than the public cloud.

Amazon VPC Features

VPCs have all of the features that you’d expect from a managed cloud, including:

Routing: VPCs can be configured with a public or private IP address and connected to other VPCs through inter-VPC routing.

IP addressing: VPCs are logically separated from the rest of your AWS resources, so they have their own IP address range. You can use one of these addresses for resources within a VPC, or an Elastic IP address within a VPC.

Subnets: Each VPC has a public subnet and a private subnet. The public subnet is used for internet-bound traffic, and the private subnet handles internal traffic.

Gateways and endpoints: A gateway is a connection to the Internet designed to allow resources in the VPC to communicate with resources outside of the VPC (for example, on the public Internet). An endpoint is a connection between resources in different VPCs that allows them to communicate with each other.
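In practice, a subnet is public when the route table that applies to it has a route to an internet gateway, and a subnet with no explicit route table association falls back to the VPC's main route table. The Python check below is an added example, not part of the original article: it compares each subnet's intended tier with what its routes actually allow, using constructed data shaped like the output of `aws ec2 describe-route-tables` and `aws ec2 describe-subnets`. The IDs and the "Tier" tag convention are assumptions.

```python
# Constructed sample data shaped like `aws ec2 describe-route-tables` and
# `aws ec2 describe-subnets` output. All IDs are made up, and the "Tier" tag
# is an assumed naming convention, not something AWS defines.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}
NAT = {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}

ROUTE_TABLES = [
    # Main table: applies to every subnet that has no explicit association.
    {"RouteTableId": "rtb-main", "VpcId": "vpc-0example",
     "Associations": [{"Main": True}], "Routes": [LOCAL, IGW]},
    {"RouteTableId": "rtb-app", "VpcId": "vpc-0example",
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}], "Routes": [LOCAL, NAT]},
]
SUBNETS = [
    {"SubnetId": sid, "VpcId": "vpc-0example", "Tags": [{"Key": "Tier", "Value": tier}]}
    for sid, tier in [("subnet-web", "public"), ("subnet-app", "private"), ("subnet-db", "private")]
]


def effective_route_table(subnet, route_tables):
    """Return the explicitly associated table, else the VPC's main table."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def routes_to_internet_gateway(rt):
    """True if any usable (non-blackhole) route targets an internet gateway."""
    return any(r.get("GatewayId", "").startswith("igw-") and r.get("State") != "blackhole"
               for r in rt["Routes"])


def audit(subnets, route_tables):
    """Return (subnet_id, intended, actual, route_table_id) for each mismatch."""
    findings = []
    for s in subnets:
        rt = effective_route_table(s, route_tables)
        actual = "public" if rt and routes_to_internet_gateway(rt) else "private"
        intended = next((t["Value"] for t in s.get("Tags", []) if t["Key"] == "Tier"), None)
        if intended != actual:
            findings.append((s["SubnetId"], intended, actual, rt["RouteTableId"] if rt else None))
    return findings
```

In the sample, `subnet-db` is tagged private but inherits the main route table, which routes to the internet gateway, so `audit(SUBNETS, ROUTE_TABLES)` reports it as effectively public.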

Peering connections: You can create peering relationships between your VPC and another VPC in your account or another account to which you have been granted access. This enables you to connect resources within your VPCs without using Internet-based endpoints. Traffic traversing a peering connection doesn’t travel across the Internet, so it’s faster and more secure than public endpoints. Traffic mirroring, transit gateways (one way out only), and cross-account peering are also available for cross-account traffic in both directions, with special conditions.

Traffic mirroring: Traffic mirroring allows you to copy the network traffic from one or more virtual machine instances in a source VPC to one or more virtual machine instances in a target VPC. You can use this feature to test updates before applying them in production, test new features without affecting your production environment, or troubleshoot problems without affecting production instances.

Transit gateways (one way out only): Transit gateways provide an alternate connection from your VPCs to resources outside of AWS and an additional layer of security for your Amazon Elastic Compute Cloud (Amazon EC2) resources by requiring mutual authentication before establishing a connection. Transit gateways are one-way only: resources outside of AWS can initiate connections into your AWS resources through transit gateways. However, EC2 instances in your AWS resources cannot establish connections with resources outside of AWS through transit gateways.
