VPC - Manage Private Network on AWS
VPC is our own isolated network in the cloud.

Your resources always have to run in a VPC!
▪ We have a VPC for each Region
▪ A VPC spans all the AZs (subnets) in that Region
▪ Multiple VPCs in different Regions
▪ A VPC is like a virtual representation of network infrastructure: server setup and network configuration (router, firewall, DHCP etc.) moved to the cloud
SUBNET
Subnet is a range of IP addresses in your VPC
It's like a private network inside a network:

We have a subnet for each Availability Zone:

Private and Public Subnets
▪ Based on firewall configuration we can have a private and/or public subnet:

▪ A subnet has a default range of internal (private) IP addresses
But: other services inside the VPC still have access
▪ When you create a new resource like an EC2 instance, an IP address is assigned from this subnet's IP range
▪ For communication inside the VPC, not for outside web traffic: internal IP range on VPC level
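Added example (not from the original notes) showing what "a range of IP addresses in your VPC" and "a subnet for each Availability Zone" mean in practice: the VPC range 10.0.0.0/16 and the AZ names are constructed sample values, and the script carves one /24 per AZ, checks the plan, and hands out an instance address from a subnet's range. It assumes the AWS rule that the first four and the last address of each subnet are reserved, which the notes above do not mention.

```python
import ipaddress

# AWS reserves the first four addresses (network, VPC router, DNS,
# future use) and the last (broadcast) of every subnet. Assumption
# stated here because the notes above do not cover it.
RESERVED_HEAD = 4
RESERVED_TAIL = 1


def plan_subnets(vpc_cidr, azs, prefix=24):
    """Carve one subnet per Availability Zone out of the VPC range.

    Returns {az: IPv4Network}; raises ValueError when the VPC range
    cannot hold one /prefix subnet per AZ.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    candidates = vpc.subnets(new_prefix=prefix)
    plan = {}
    for az in azs:
        try:
            plan[az] = next(candidates)
        except StopIteration:
            raise ValueError(f"{vpc_cidr} is too small for {len(azs)} /{prefix} subnets")
    return plan


def check_plan(vpc_cidr, plan):
    """Every subnet must lie inside the VPC and no two may overlap."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = list(plan.values())
    if any(not n.subnet_of(vpc) for n in nets):
        return False
    for i, a in enumerate(nets):
        if any(a.overlaps(b) for b in nets[i + 1:]):
            return False
    return True


def usable_hosts(subnet):
    """Addresses an instance can actually be given in this subnet."""
    hosts = list(subnet)  # includes network and broadcast addresses
    return hosts[RESERVED_HEAD:len(hosts) - RESERVED_TAIL]


def assign_address(subnet, taken):
    """Hand out the next free private IP in the subnet, the way an EC2
    launch gets one from its subnet's range. `taken` is a set of strings
    and is updated in place."""
    for ip in usable_hosts(subnet):
        if str(ip) not in taken:
            taken.add(str(ip))
            return str(ip)
    raise RuntimeError(f"no free addresses left in {subnet}")


if __name__ == "__main__":
    vpc_cidr = "10.0.0.0/16"  # constructed sample VPC range
    azs = ["eu-central-1a", "eu-central-1b", "eu-central-1c"]  # constructed
    plan = plan_subnets(vpc_cidr, azs)
    assert check_plan(vpc_cidr, plan)
    for az, net in plan.items():
        print(f"{az}: {net} ({len(usable_hosts(net))} usable addresses)")
    in_use = set()
    print("first instance in 1a gets", assign_address(plan["eu-central-1a"], in_use))
```

Private or public is not a property of the address range itself: the same 10.0.x.0/24 subnet becomes "public" only once its route table sends traffic to an internet gateway.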

Internet Gateway
▪ Using an internet gateway you can connect the VPC or its subnets to the outside internet
Security - Controlling Access
Of course, we need to secure our resources:
▪ Control access to your VPC
▪ Control access to your individual server instances
▪ Secure your components
NETWORK ACCESS CONTROL LIST (NACL)

Configure access at instance level = Security group
Configure access at subnet level = NACL
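Added example (not from the original notes) that works through the two layers just listed on a constructed packet: a NACL applied at subnet level and a security group applied at instance level. It assumes the standard AWS semantics the notes do not spell out: NACL rules are numbered, evaluated lowest number first, can allow or deny, end in an implicit deny, and are stateless; security group rules are allow-only and stateful, so the reply to an allowed flow passes without its own rule. The sample addresses and ports are made up.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" (towards the instance) or "out"
    protocol: str       # "tcp", "udp" or "icmp"
    peer_ip: str
    peer_port: int
    instance_port: int

    @property
    def rule_port(self):
        # Inbound rules match the port on the instance; outbound rules
        # match the port on the remote side.
        return self.instance_port if self.direction == "in" else self.peer_port

    @property
    def flow(self):
        # Same key for a request and its reply, whichever way it travels.
        return (self.protocol, self.peer_ip, self.peer_port, self.instance_port)


@dataclass(frozen=True)
class Rule:
    direction: str
    protocol: str           # "tcp", "udp", "icmp" or "all"
    port_lo: int
    port_hi: int
    cidr: str
    action: str = "allow"   # NACL rules may also be "deny"
    number: int = 0         # NACL evaluation order; unused by security groups

    def matches(self, pkt):
        return (self.direction == pkt.direction
                and self.protocol in ("all", pkt.protocol)
                and self.port_lo <= pkt.rule_port <= self.port_hi
                and ipaddress.ip_address(pkt.peer_ip) in ipaddress.ip_network(self.cidr))


def nacl_allows(rules, pkt):
    """Subnet level (assumed AWS semantics): rules are tried in ascending
    number order, the first match wins, and the implicit final '*' rule
    denies. Stateless: every packet, replies included, is judged alone."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(pkt):
            return rule.action == "allow"
    return False


class SecurityGroup:
    """Instance level (assumed AWS semantics): allow rules only, and
    stateful, so a reply to a flow allowed in one direction passes in
    the other."""

    def __init__(self, rules):
        self.rules = list(rules)
        self._tracked = set()

    def allows(self, pkt):
        if pkt.flow in self._tracked:
            return True
        if any(r.matches(pkt) for r in self.rules):
            self._tracked.add(pkt.flow)
            return True
        return False


def instance_reachable(nacl_rules, sg, pkt):
    """Traffic to or from an instance must pass both the subnet's NACL
    and the instance's security group."""
    return nacl_allows(nacl_rules, pkt) and sg.allows(pkt)


if __name__ == "__main__":
    # Constructed sample: HTTPS server in a public subnet.
    nacl = [Rule("in", "tcp", 443, 443, "0.0.0.0/0", number=100)]
    sg = SecurityGroup([Rule("in", "tcp", 443, 443, "0.0.0.0/0")])
    request = Packet("in", "tcp", "203.0.113.10", 51234, 443)
    reply = Packet("out", "tcp", "203.0.113.10", 51234, 443)
    print("request allowed:", instance_reachable(nacl, sg, request))
    print("reply allowed:  ", instance_reachable(nacl, sg, reply))
    # The stateless NACL drops the reply until ephemeral ports are opened outbound.
    nacl.append(Rule("out", "tcp", 1024, 65535, "0.0.0.0/0", number=100))
    print("reply after fix:", instance_reachable(nacl, sg, reply))
```

The failure the sample reproduces is the common one when a NACL is added to a subnet that previously relied on security groups alone: inbound 443 is allowed, the security group lets the reply out because it remembers the flow, but the NACL has no outbound rule for the client's ephemeral port and silently drops it.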