
What is Amazon VPC?
Amazon Virtual Private Cloud (VPC) is a key feature of Amazon Web Services (AWS) that allows you to set up your own isolated network within the AWS cloud.
Amazon VPC gives you full control over your networking environment. You can customize your own IP address ranges, create subnets, and configure route tables and gateways.
With the help of Amazon VPC, you can securely connect your AWS resources like EC2 instances, RDS databases, and Lambda functions. You can also maintain strong security measures like network access controls and data encryption.
With Amazon VPC, you can choose how your resources communicate with each other and with the Internet. This lets you tailor your infrastructure to your business needs.
In simple words, Amazon VPC acts like a personal data center in the cloud that allows you to build your applications and services in a secure and controlled environment.
Features of Amazon VPC
Amazon VPC has various features that enable businesses to securely and efficiently manage their cloud infrastructure.
Listed below are some of the key features of Amazon VPC −
VPC Flow Logs
Flow Logs is a feature that allows you to capture and monitor network traffic within your VPC. It records both incoming and outgoing traffic, which helps you understand the flow of information in your network and detect any suspicious activity.
IP Address Manager (IPAM)
IPAM is a feature that allows you to plan, manage, and monitor IP addresses across your AWS environment. With the help of IPAM, you can automate IP address assignment.
IPAM prevents IP conflicts and ensures that your resources have the right IP address available when needed.
IPv4 and IPv6 Support
Amazon VPC supports both IPv4 and IPv6 addressing, which enables your applications to communicate using the latest internet protocol. It gives you the option to use Amazon-provided public IPv4 addresses, Elastic IPv4 addresses, or an IP address from the Amazon-provided IPv6 subnet CIDR. You can also use your own IPv4 or IPv6 addresses within the Amazon VPC.
Ingress Routing
This feature allows you to control how all incoming and outgoing traffic to and from your Amazon VPC is routed. It enables you to direct the traffic to specific endpoints, such as firewalls, before it reaches your business workloads.
Ingress Routing enhances network security and enables traffic filtering, monitoring, and load balancing.
AWS Direct Connect
AWS Direct Connect, as the name implies, provides a dedicated and private connection between your on-premises data center and AWS. Because it bypasses the public internet, it gives more consistent network performance and enhances security for sensitive data.
Reachability Analyzer
Amazon VPC Reachability Analyzer is a network diagnostic tool that helps you analyze and troubleshoot network connectivity issues within your VPC. Its main role is to examine the network path between two endpoints, such as EC2 instances, and check whether they can reach each other.
If there is an issue with connectivity, then the Reachability Analyzer identifies the blocking component like security groups, network access control lists (ACLs), or route tables.
Network Access Control Lists (ACLs)
A network ACL is an optional layer of security for your VPC. It acts as a firewall that controls traffic in and out of one or more subnets. You can set up network ACLs with rules similar to those you use for your security groups in the VPC.
Security Groups
This feature allows you to control inbound and outbound traffic at the instance level, for example for Amazon EC2 instances. It also acts as a firewall. It is recommended to associate each instance with one or more security groups. If you do not specify a group, your instance is automatically associated with the VPC's default security group.