Understand the basic networking of AWS Virtual Private Cloud

AWS Virtual Private Cloud

Introduction

The core of AWS cloud hosting, the Amazon Virtual Private Cloud (VPC), is a difficult notion to grasp for developers with little background in infrastructure operations. Although they are the team members most active in cloud initiatives, developers have, in most cases, little experience with infrastructure management.

We’ll begin this blog by looking at the various VPC settings that AWS offers, then go through the technical terms related to VPC. Finally, to make VPC easier for everyone to understand, we will translate these technical terms into everyday language.

To learn more about the basic networking of AWS, join AWS Course in Chennai to better understand AWS services.

What is EC2-VPC?

You can define a virtual network in your own logically isolated section of the AWS cloud using Amazon VPC, also known as a virtual private cloud (VPC). Your AWS resources, such as instances, can be launched inside your VPC. Your VPC offers the benefits of scalable infrastructure provided by AWS while closely resembling a conventional network that you may run in your own data centre.

Virtual Private Cloud (VPC)

AWS offers a feature called Virtual Private Cloud that allows us to launch AWS services in a logically isolated virtual network (similar to a local data centre). It gives us full control over where resources are deployed (which AZ), connectivity (route tables, peering), and security (security groups and NACLs) in our virtual networking environment. VPC is a regional service. Every region in our account has a default VPC, so we can get going immediately.

Classless Inter-Domain Routing (CIDR)

We need to provide a Classless Inter-Domain Routing (CIDR) block in order to construct a VPC. The VPC block can be no larger than /16. Because we cannot resize a CIDR block once it is established, we must be careful to choose the appropriate size for the VPC. An IPv4 address is written as four 8-bit decimal numbers, or octets. The prefix length (mask) is the number of bits locked from the left. With a /16 prefix, for example, the first 16 bits are fixed, and the IPs in the subnet are determined by the permutations of the remaining (32 - 16 = 16) bits.

Internet Gateway

Once we have a VPC, the next thing we require is the ability to reach resources in it from the internet. That access is provided by the Internet Gateway (IGW), a VPC component. We first create an IGW, then attach it to the VPC and add a route to the route table that points to the IGW ID (more on this later). The IGW performs a 1-to-1 NAT on the instance address, in each direction.

Instance to internet: the source address of outbound traffic is changed from the instance’s private IP to its public/Elastic IP.

Internet to instance: the destination address of inbound traffic is changed from the instance’s public IP to its private IP.

FITA Academy offers the best AWS Online, which will help you to develop your technical skills in the AWS domain.

Subnet

In your VPC, a subnet is a set or range of IP addresses. Each subnet resides in a single AZ.

Public Subnet: A subnet is referred to as a public subnet if it is associated with a route table that has a route to an internet gateway.

Private Subnet: A subnet is a private subnet if its route table does not include a route to an internet gateway.
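The public/private distinction above is exactly what an auditor checks when asking which subnets have an internet path. The following is an added example (not code from the original post) that applies that definition to route-table data; the sample is constructed to mirror the shape of the EC2 DescribeRouteTables response, and all IDs are placeholders.

```python
# Constructed sample shaped like the EC2 DescribeRouteTables response;
# only the fields this example reads are included (an assumption, not real account data).
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
    {"RouteTableId": "rtb-stale",
     "Associations": [{"Main": False, "SubnetId": "subnet-stale"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                # Route to an IGW that no longer exists: AWS marks it "blackhole", so it grants no internet path.
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0deleted", "State": "blackhole"}]},
]
SUBNETS = ["subnet-web", "subnet-db", "subnet-stale"]  # subnet-db has no explicit association


def route_table_for(subnet_id, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies to the subnet."""
    main = None
    for rtb in route_tables:
        for assoc in rtb.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rtb
            if assoc.get("Main"):
                main = rtb
    return main


def has_igw_route(rtb):
    """True if any active route in the table targets an internet gateway (igw-...)."""
    if rtb is None:
        return False
    return any(r.get("GatewayId", "").startswith("igw-") and r.get("State") == "active"
               for r in rtb.get("Routes", []))


def classify_subnets(subnet_ids, route_tables):
    """Label each subnet 'public' or 'private' using the definition given in the article."""
    return {s: "public" if has_igw_route(route_table_for(s, route_tables)) else "private"
            for s in subnet_ids}


if __name__ == "__main__":
    for subnet, kind in classify_subnets(SUBNETS, ROUTE_TABLES).items():
        print(f"{subnet}: {kind}")
```

With real data, the same logic runs over the output of `describe_route_tables` for the VPC, and any subnet labelled public deserves a second look at its security groups and NACLs.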

VPC Endpoint 

AWS services that do not live inside a VPC, such as S3, DynamoDB, SNS, and SQS, are normally reached over the internet. To reduce that traffic and improve security, AWS offers VPC Endpoints. VPC endpoints are virtual devices. A gateway endpoint adds a prefix-list route to the route table of the private subnet; an interface endpoint is assigned a private IP address from the chosen subnet. Because the IPs are private, we require neither NAT nor an IGW, so the traffic never leaves the AWS network. Endpoints are tied to one VPC and are local to the region. Furthermore, they support endpoint policies, which let us regulate what may pass through them.

Conclusion

The basics of VPC on AWS were discussed in this blog. DHCP, DNS resolution, route propagation, and network appliances are further topics; we’ll cover those in a separate blog post.

To learn more about AWS Virtual Private Cloud, join AWS Training Institute in Coimbatore.
