Core to your Global Presence - AWS VPC

A VPC is, ideally, the logical isolation of your solution design on the AWS Cloud. If you are marking your cloud debut, then after selecting the right AWS Region for your workloads, the next step is to logically isolate where your business solution's AWS resources (for example compute, storage, etc.) will be placed.

Often, VPC design is left to networking experts and gets no more than a mention in the solution architecture diagrams, but I would say it is one vital backbone. A VPC is multi-faceted: it needs to be looked at from networking, security, cost and design-scaling perspectives, and these are the key factors to consider when choosing the VPC design.

There are a lot of web definitions and how-to guides for creating a VPC and its components, but this post discusses the key points to focus on for a reliable VPC.

From my solution design experience, I am listing a few points that need to be considered for VPC designs. Also, I do confess that I am not an expert in VPC core networking implementation, but the thoughts drafted here would suit most VPC implementations as essential factors.

Vision
Firstly, once you decide to be on the cloud, the design needs a good strategy for segregating resources into public and private, and for how scalable the workload is going to be, as this decides the CIDR IP address range and the split of public-facing and private-facing subnets. Ultimately, with all the requirements considered, a good vision helps in getting a scalable network.

Security
As per the AWS Shared Responsibility Model, the presence of resources on the cloud is the customer's responsibility, and hence proper enforcement of public-access resources, internet access, firewalls, security groups and route tables all contribute to a well-secured network.

Cost
Connectivity between VPCs, connectivity between the on-premises network and the AWS Cloud, endpoints for direct access to resources like S3, and Direct Connect: all these options need to be gauged during design to estimate the cost of operating such a network of systems.

Monitoring
Well, with all in place and your application functioning perfectly on the cloud, we still need to monitor the traffic in and out of the networks via VPC Flow Logs. This logging mechanism helps us track the traffic and prevent attacks.

Hope this helps in creating a better VPC design!