AMAZON VIRTUAL PRIVATE CLOUD (VPC)
What is a Virtual Private Cloud?
An Amazon virtual private cloud is an Amazon Web Service: a virtual network that hosts resources in the cloud and ensures communication between them. VPCs are region-specific and use CIDR (Classless Inter-Domain Routing) to determine the size of the network. By size of the network, we mean the IP address range for that network. Only 5 Amazon VPCs can be created in a region. A VPC can be created using the AWS Management Console, which is the web interface, the AWS Command Line Interface (AWS CLI), the AWS SDKs and the Query API.
Definition of a Virtual Private Cloud.
A virtual private cloud (VPC) is a virtual network that is isolated in the cloud and permits resources to be launched and built, and to communicate with the public (internet) when necessary. Being a defined, isolated network in the cloud, a VPC can be subdivided into smaller containers known as subnets.
What are Subnets?
Subnets are smaller divisions of a bigger container (the VPC), or simply subsets of a larger network, and are created in Availability Zones (AZs). Since they are small, many of them can be created in a VPC and in AZs; AWS allows only 200 to be created per VPC. Subnets host resources, which communicate with each other using route tables. Subnets can be further divided into public and private.
- Public Subnet:
A subnet is said to be public only if it is allowed to communicate with the internet through the Internet Gateway, by way of its route table association.
- Private Subnet:
Subnets are private if they cannot communicate with the Internet; they use the Network Address Translation gateway (NAT gateway) for updates from the Internet.
Security In the VPC
An AWS VPC has different layers of security to make sure that all services are protected from malware, hackers and unauthorized access to these resources. These layers include:
- Web Access Firewall (WAF), which is the first layer of security at the Internet level.
- Network Access Control Lists (NACLs): this is the security at the subnet level and controls access to resources in the availability zone. Access is governed by rules which you define.
- Security Groups, which are an additional layer of security at the resource level, for example EC2 instances.
Skeletal Representation of a VPC Architecture