
KALPESH


AWS VPC: Virtual Private Cloud

A VPC is a logically isolated virtual network that you create inside an AWS Region. It is your own private section of the AWS cloud, not of the internet: nothing inside it is reachable from the internet until you attach an internet gateway and add the routes and firewall rules that permit it. Within the VPC you create and manage resources such as EC2 instances, databases, and storage.

VPC components

Virtual private clouds (VPC)

  • A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. You choose its IPv4 CIDR block (between /16 and /28) when you create it; after that, you add subnets.

Subnets

  • A subnet is a range of IP addresses in your VPC, expressed as a CIDR block carved out of the VPC's block. A subnet must reside in a single Availability Zone. After you add subnets, you can deploy AWS resources into them. A subnet is "public" when its route table sends internet-bound traffic to an internet gateway, and "private" when it does not.

IP addressing

  • You assign IPv4 CIDR blocks (and optionally IPv6 blocks) to your VPC and subnets. AWS reserves the first four and the last IP address of every subnet, so a subnet always has five fewer usable addresses than its size suggests, and subnets within one VPC must not overlap.
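The points above (subnet CIDRs must sit inside the VPC block, must not overlap, stay within AWS's /16 to /28 limits, and lose five addresses each to AWS reservations) are easy to get wrong by hand. The following is an added example, not code from the original post: a small planner built on Python's standard `ipaddress` module that carves a VPC block into per-AZ public and private subnets and validates a proposed layout. The VPC block, AZ names and tier names are constructed inputs chosen for illustration.

```python
import ipaddress
import itertools

# AWS reserves the first four addresses (network, VPC router, DNS resolver,
# future use) and the last (broadcast) of every subnet, so usable = size - 5.
AWS_RESERVED_PER_SUBNET = 5


def plan_subnets(vpc_cidr, new_prefix, azs, tiers=("public", "private")):
    """Carve vpc_cidr into equal /new_prefix blocks and hand them out tier by
    tier, one subnet per Availability Zone, returning the layout as dicts."""
    vpc = ipaddress.ip_network(vpc_cidr)
    candidates = vpc.subnets(new_prefix=new_prefix)   # generator, in address order
    plan = []
    for tier in tiers:
        for az in azs:
            net = next(candidates, None)
            if net is None:
                raise ValueError(
                    f"{vpc} cannot hold {len(tiers) * len(azs)} /{new_prefix} subnets")
            plan.append({
                "az": az,
                "tier": tier,
                "cidr": str(net),
                "usable_hosts": net.num_addresses - AWS_RESERVED_PER_SUBNET,
            })
    return plan


def validate_subnets(vpc_cidr, subnet_cidrs):
    """Return human-readable problems with a proposed subnet list: a block that
    is outside the VPC, a prefix outside AWS's /16../28 range, or two blocks
    that overlap (AWS rejects overlapping subnets within a VPC)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = [ipaddress.ip_network(c) for c in subnet_cidrs]
    problems = []
    for n in nets:
        if not n.subnet_of(vpc):
            problems.append(f"{n} is not inside {vpc}")
        if not 16 <= n.prefixlen <= 28:
            problems.append(f"{n}: AWS subnets must be between /16 and /28")
    for a, b in itertools.combinations(nets, 2):
        if a.overlaps(b):
            problems.append(f"{a} overlaps {b}")
    return problems


if __name__ == "__main__":
    # Constructed example: a /16 VPC split into /20 subnets across two AZs.
    for s in plan_subnets("10.0.0.0/16", 20, ["eu-west-1a", "eu-west-1b"]):
        print(f'{s["tier"]:8} {s["az"]:12} {s["cidr"]:16} usable={s["usable_hosts"]}')
    # Constructed bad layout: one subnet overlaps another, one is outside the VPC.
    for p in validate_subnets("10.0.0.0/16",
                              ["10.0.0.0/24", "10.0.0.128/25", "192.168.1.0/24"]):
        print("problem:", p)
```

Run it before creating anything: the planner hands out blocks in address order, so public subnets get the low end of the range and private ones follow, and the validator tells you exactly which block violates which constraint rather than letting the API reject it later.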

Security Group

  • A security group acts as a virtual firewall attached to the network interfaces of instances in a VPC. It controls inbound and outbound traffic at the instance level and is stateful: if an inbound request is allowed, the reply is allowed out automatically, whatever the outbound rules say.

  • Security group rules are allow rules only, defined by protocol, port range and source (a CIDR block or another security group). There are no deny rules; any traffic that no rule matches is dropped. Referencing another security group as the source is how you express "only the bastion may reach port 22".

Network Access Control List (NACL)

  • A network access control list is a stateless firewall at the subnet level. Its rules are numbered and evaluated in ascending order; the first matching rule decides, and a final catch-all rule denies everything unmatched. Because it is stateless, return traffic is not tracked: a subnet that accepts HTTPS inbound also needs an outbound rule for the ephemeral port range (1024-65535), or the replies are dropped. NACLs support both allow and deny rules, which makes them the place to block a known-bad CIDR outright.
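The difference between the two firewalls is easiest to see by evaluating both against the same packets. The following is an added example, not code from the original post or from AWS: a simplified model of security-group and NACL evaluation (allow-only and stateful versus ordered, allow/deny and stateless), plus a small audit helper that flags SSH or RDP open to the internet. The rule sets, the `sg-bastion` group id and the addresses are constructed for illustration; real rules also carry ICMP type/code and IPv6 details that this model leaves out.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SgRule:
    proto: str          # "tcp", "udp", "icmp" or "-1" for all protocols
    from_port: int      # for "-1" this model expects 0..65535 explicitly
    to_port: int
    source: str         # a CIDR block or another security group id ("sg-...")


@dataclass(frozen=True)
class NaclRule:
    number: int         # evaluation order, lowest first
    proto: str
    from_port: int
    to_port: int
    cidr: str
    action: str         # "allow" or "deny"


def _match(proto, from_port, to_port, pkt_proto, pkt_port):
    return proto in (pkt_proto, "-1") and from_port <= pkt_port <= to_port


def sg_allows_inbound(rules, src_ip, dst_port, proto="tcp", src_sgs=()):
    """Security groups are allow-only: a packet gets in iff some rule matches.
    Because they are stateful, replies to that packet need no outbound rule,
    which is why this model has no separate 'reply' check."""
    for r in rules:
        if not _match(r.proto, r.from_port, r.to_port, proto, dst_port):
            continue
        if r.source.startswith("sg-"):
            if r.source in src_sgs:          # sender is a member of the referenced SG
                return True
        elif ipaddress.ip_address(src_ip) in ipaddress.ip_network(r.source):
            return True
    return False                              # implicit deny


def nacl_decision(rules, ip, port, proto="tcp"):
    """NACL rules are evaluated in ascending rule number; the first match wins
    and the implicit catch-all '*' rule denies anything left over."""
    for r in sorted(rules, key=lambda r: r.number):
        if (_match(r.proto, r.from_port, r.to_port, proto, port)
                and ipaddress.ip_address(ip) in ipaddress.ip_network(r.cidr)):
            return r.action
    return "deny"


def nacl_allows_session(inbound, outbound, client_ip, server_port, client_port):
    """A stateless NACL must permit both halves of a TCP session: the request
    arriving on server_port and the reply leaving for the client's ephemeral port."""
    return (nacl_decision(inbound, client_ip, server_port) == "allow"
            and nacl_decision(outbound, client_ip, client_port) == "allow")


def exposed_admin_ports(rules, admin_ports=(22, 3389)):
    """Audit helper: SG rules that open SSH or RDP to the whole internet."""
    return [(r, p) for r in rules for p in admin_ports
            if r.source in ("0.0.0.0/0", "::/0")
            and _match(r.proto, r.from_port, r.to_port, "tcp", p)]


# Constructed sample rule sets (not from a real account).
WEB_SG = [
    SgRule("tcp", 443, 443, "0.0.0.0/0"),     # HTTPS from anywhere
    SgRule("tcp", 22, 22, "sg-bastion"),      # SSH only from members of the bastion SG
]
WEB_NACL_IN = [
    NaclRule(50, "tcp", 443, 443, "198.51.100.0/24", "deny"),   # block a bad range first
    NaclRule(100, "tcp", 443, 443, "0.0.0.0/0", "allow"),
]
WEB_NACL_OUT_BROKEN = [NaclRule(100, "tcp", 443, 443, "0.0.0.0/0", "allow")]
WEB_NACL_OUT_FIXED = WEB_NACL_OUT_BROKEN + [
    NaclRule(110, "tcp", 1024, 65535, "0.0.0.0/0", "allow"),    # replies to ephemeral ports
]

if __name__ == "__main__":
    print("SG 443 from internet:", sg_allows_inbound(WEB_SG, "203.0.113.5", 443))
    print("SG 22 from internet: ", sg_allows_inbound(WEB_SG, "203.0.113.5", 22))
    print("SG 22 from bastion:  ", sg_allows_inbound(WEB_SG, "10.0.0.5", 22, src_sgs={"sg-bastion"}))
    print("NACL blocked range:  ", nacl_decision(WEB_NACL_IN, "198.51.100.7", 443))
    print("HTTPS session, no ephemeral rule:",
          nacl_allows_session(WEB_NACL_IN, WEB_NACL_OUT_BROKEN, "203.0.113.5", 443, 51515))
    print("HTTPS session, with rule 110:    ",
          nacl_allows_session(WEB_NACL_IN, WEB_NACL_OUT_FIXED, "203.0.113.5", 443, 51515))
    print("Open admin ports:", exposed_admin_ports(WEB_SG + [SgRule("tcp", 22, 22, "0.0.0.0/0")]))
```

The "broken" outbound NACL is the classic mistake: HTTPS is allowed in, the security group is happy, and yet clients time out because the server's replies to their ephemeral ports never leave the subnet. The deny rule numbered 50 shows why ordering matters: moved to 150 it would never fire, since rule 100 already allowed the traffic.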

Network Address Translation (NAT)

  • A NAT gateway lets instances in a private subnet initiate outbound connections to the internet (package updates, external APIs) by translating their private IP addresses to a public one, while unsolicited inbound connections from the internet to those instances are not possible. The private subnet's route table sends 0.0.0.0/0 to the NAT gateway, which itself sits in a public subnet.

Routing

  • Route tables determine where network traffic from your subnets or gateways is directed. Each subnet is associated with exactly one route table (the VPC's main table unless you associate another), and the most specific matching route wins.

Gateways and endpoints

  • A gateway connects your VPC to another network. For example, an internet gateway connects your VPC to the internet; without one, and a route pointing at it, nothing in the VPC is reachable from outside.

  • A VPC endpoint connects your VPC to supported AWS services (such as S3 or DynamoDB) privately, without an internet gateway or NAT device, so the traffic never leaves the AWS network. An endpoint policy can restrict which resources, such as specific buckets, the VPC is allowed to reach through it.

Peering connections

  • Use a VPC peering connection to route traffic between the resources in two VPCs over private IP addresses. Peering is not transitive: if A peers with B and B peers with C, A cannot reach C through B.

Transit gateways

  • A transit gateway acts as a central hub that routes traffic between your VPCs, VPN connections, and AWS Direct Connect connections, replacing a mesh of peering connections and giving you one place to apply route-table segmentation between environments.

VPC Flow Logs

  • A flow log captures metadata about the IP traffic going to and from network interfaces in your VPC (addresses, ports, protocol, packet and byte counts, and whether the traffic was accepted or rejected by security groups and NACLs), not packet payloads. Flow logs are the primary evidence for investigating port scans, overly open security groups, and unexpected egress.
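The value of flow logs is in what you can detect from them. The following is an added example, not code from the original post or an AWS tool: a parser for the default (version 2) flow log record format and two detections run over it, a port-scan finder (one source, many REJECTed destination ports on the same interface) and a check for SSH sessions accepted from outside your internal address ranges, which is what a private instance should never see if access goes through the bastion. The sample log lines, the account id, the interface id and the `internal_cidrs` default are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Field order of the default (version 2) VPC Flow Log record format.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
TCP = 6


def parse_flow_log(text):
    """Parse space-separated default-format flow log lines into dicts, skipping
    malformed lines and NODATA/SKIPDATA records (their address fields are '-')."""
    records = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue
        rec = dict(zip(FIELDS, parts))
        if rec["log_status"] != "OK":
            continue
        for k in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
            rec[k] = int(rec[k])
        records.append(rec)
    return records


def find_port_scans(records, min_ports=10):
    """Sources whose REJECTed TCP flows touched many distinct destination ports on
    one interface: the flow-log signature of a port scan hitting a security group."""
    ports = defaultdict(set)
    for r in records:
        if r["action"] == "REJECT" and r["protocol"] == TCP:
            ports[(r["srcaddr"], r["interface_id"])].add(r["dstport"])
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}


def find_external_ssh(records, internal_cidrs=("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")):
    """ACCEPTed flows to tcp/22 from outside the internal ranges, i.e. an instance
    that can be reached over SSH without going through the bastion host.
    internal_cidrs is an assumption: set it to your VPC and on-premises blocks."""
    internal = [ipaddress.ip_network(c) for c in internal_cidrs]
    hits = []
    for r in records:
        if r["action"] == "ACCEPT" and r["protocol"] == TCP and r["dstport"] == 22:
            src = ipaddress.ip_address(r["srcaddr"])
            if not any(src in n for n in internal):
                hits.append((r["srcaddr"], r["dstaddr"], r["interface_id"]))
    return hits


# Constructed sample log (not real traffic): a scan of 12 ports from 198.51.100.23
# that the security group rejects, one SSH login from the internet, one from the
# bastion at 10.0.0.5, and a NODATA record.
SCANNED_PORTS = (21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389, 8080)
SAMPLE_LOG = "\n".join(
    [f"2 123456789012 eni-0a1b2c3d 198.51.100.23 10.0.1.10 4{p} {p} 6 1 40 "
     f"1700000000 1700000060 REJECT OK" for p in SCANNED_PORTS]
    + [
        "2 123456789012 eni-0a1b2c3d 203.0.113.77 10.0.1.10 51544 22 6 12 2400 1700000100 1700000160 ACCEPT OK",
        "2 123456789012 eni-0a1b2c3d 10.0.0.5 10.0.1.10 40122 22 6 30 6000 1700000200 1700000260 ACCEPT OK",
        "2 123456789012 eni-0a1b2c3d - - - - - - - 1700000300 1700000360 - NODATA",
    ]
)

if __name__ == "__main__":
    recs = parse_flow_log(SAMPLE_LOG)
    print(f"{len(recs)} usable records")
    for (src, eni), ports in find_port_scans(recs).items():
        print(f"port scan from {src} against {eni}: {len(ports)} ports, e.g. {ports[:5]}")
    for src, dst, eni in find_external_ssh(recs):
        print(f"SSH accepted from external {src} to {dst} ({eni}); expected only via the bastion")
```

Two caveats when running this on real data: flow logs record each direction of a connection as its own record, so the `dstport == 22` filter deliberately picks out the request direction and ignores the reply flow whose source port is 22; and a log that uses a custom field format needs `FIELDS` changed to match, since the parser trusts field position rather than any header.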

VPN connections

  • Connect your VPCs to your on-premises networks over encrypted IPsec tunnels using AWS Site-to-Site VPN, or give individual users access with AWS Client VPN.

Bastion Host in VPC

  • A bastion host (jump host) is an instance that acts as the single controlled entry point for administrative access, over SSH or RDP, to instances in private subnets from an external network.

  • It resides in a public subnet within the VPC, acting as an intermediary between external traffic and the private network. The private instances' security groups allow SSH or RDP only from the bastion's security group, so no private instance is reachable directly from the internet; the bastion itself should accept connections only from known administrator IP addresses, and its logins should be logged and reviewed.

Feel free to share and spread the knowledge! 🌟😊 Enjoy Learning! 😊
