Amazon Virtual Private Cloud (VPC) is a networking service that lets you create a private virtual network within the AWS cloud infrastructure, isolated from the rest of AWS. You can think of a VPC as a big box in the cloud where you can place all of your AWS services, and which is completely isolated from everyone else’s boxes.
You have complete control over the virtual networking environment, allowing you to easily customize the network configurations to fit your needs. This means you can completely customize the way you isolate or expose resources inside your VPC.
When you deploy other AWS services inside the VPC, they inherit the security built into the network. You can configure or define everything from route tables, network gateways, and subnets to IP address ranges. You can use IPv4 and IPv6 for secure and easy access to resources and applications.
The VPC Wizard allows you to use one of the common network setups to spin up a VPC with automatically configured subnets, IP ranges, route tables, and security groups.
You can create multiple layers of security to help control access to your EC2 instances in each subnet by using security groups and network access control lists. These security controls let you allow or deny specific internal or internet traffic to your resources.
You can also create a Hardware Virtual Private Network (VPN) between your on-premises corporate data center and your VPC.
Amazon VPC Features
- Utilizes high availability of AWS Regions and Availability Zones
- Subnet: Divides a VPC into smaller networks and allows the VPC to span multiple AZs
- Route Table: Controls traffic going out of subnets
- Internet Gateway: Allows internet access from VPC
- NAT Gateway: Allows private subnet resources to access the internet
- Network Access Control Lists (NACL): Stateless access control for subnets
- Security Group: Controls which traffic reaches an instance and functions as a built-in firewall
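The two layers described above behave differently, and the difference is a common source of broken or overly permissive rules. The following is an added example, not AWS code: a simplified Python model (ports only, no protocols or CIDR ranges) of a stateless NACL in front of a security group, which tracks permitted connections. The class and function names, the client address and the rule numbers are constructed for illustration.

```python
# Simplified model (added example): stateless NACL vs. connection-tracking security group.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int   # NACL rules are evaluated in ascending rule-number order
    allow: bool
    port_lo: int
    port_hi: int

def nacl_permits(rules, port):
    """First matching rule by number decides; no match means implicit deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.port_lo <= port <= r.port_hi:
            return r.allow
    return False

class SecurityGroup:
    """Allow-only rules; replies to permitted flows are tracked and allowed."""
    def __init__(self, inbound_ports):
        self.inbound_ports = set(inbound_ports)
        self.tracked = set()  # (client_ip, client_port, server_port)

    def inbound(self, client_ip, client_port, server_port):
        if server_port not in self.inbound_ports:
            return False
        self.tracked.add((client_ip, client_port, server_port))
        return True

    def outbound_reply(self, client_ip, client_port, server_port):
        return (client_ip, client_port, server_port) in self.tracked

def request_and_reply(nacl_in, nacl_out, sg, ip, cport, sport):
    """Return (request_delivered, reply_delivered) for one exchange."""
    req = nacl_permits(nacl_in, sport) and sg.inbound(ip, cport, sport)
    # The reply's destination is the client's ephemeral port; the stateless
    # NACL has no memory of the request, so it needs its own outbound rule.
    rep = req and sg.outbound_reply(ip, cport, sport) and nacl_permits(nacl_out, cport)
    return req, rep

# Constructed sample: HTTPS server in a subnet, client 203.0.113.10:50123
NACL_IN = [Rule(100, True, 443, 443)]
NACL_OUT_MISSING = []                            # no rule for return traffic
NACL_OUT_FIXED = [Rule(100, True, 1024, 65535)]  # ephemeral ports allowed

def demo():
    args = ("203.0.113.10", 50123, 443)
    broken = request_and_reply(NACL_IN, NACL_OUT_MISSING, SecurityGroup({443}), *args)
    fixed = request_and_reply(NACL_IN, NACL_OUT_FIXED, SecurityGroup({443}), *args)
    return broken, fixed
```

With the outbound NACL rule missing, the request arrives but the reply is dropped at the subnet boundary even though the security group would have let it through.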