Amazon Virtual Private Cloud

Posted on Jan 17, 2020

Amazon VPC allows us to create our own virtual private network within AWS, with control over the following:

  • Selecting our own private IP subnet space
  • Configuring route tables
  • Network gateways
  • Security policies

Multiple VPCs can be created in a region, and they are logically isolated from each other even if they share IP address space. Once an address space is assigned, it cannot be changed after the VPC is created.

There are two types of Network Platform available within AWS.

  • EC2-Classic
  • EC2 VPC

EC2-Classic was originally launched with a single, flat network shared with other AWS customers.

Below figure describes Amazon VPC, with address space of with two different subnets and placed in different availability zone.

An Amazon VPC consists of the following components:

  • Subnets
  • Route tables
  • DHCP option sets
  • Security groups
  • ACLs

An Amazon VPC has the following optional components:

  • Internet Gateways
  • Elastic IP (EIP) address
  • Elastic Network Interfaces
  • Endpoints
  • Peering
  • NAT & NAT Gateway
  • Virtual private gateway


Subnets are IP address ranges that are assigned to EC2 instances, Amazon RDS databases, and other AWS resources.

Once a VPC is created, one or more subnets are assigned in each Availability Zone. A subnet in one Availability Zone cannot span into another Availability Zone. Subnets may be public, private, or VPN-only.

  • Public subnets: Associated with a route table that directs the subnet's traffic to the VPC IGW.
  • Private subnets: Associated with a route table that does not direct the subnet's traffic to the VPC IGW.
  • VPN-only subnets: Associated with a route table that directs the subnet's traffic to the VPG and has no route to the IGW.

Route Tables:

A route table is a collection of destination routes that a network device looks up to route traffic from one destination to another. Route tables can be modified, and we can add our own custom routes. The route table is also what determines whether a subnet is public, private, or VPN-only. Each route table contains a default route, also called the local route.
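The public / private / VPN-only rule above can be checked mechanically, which is useful when auditing which subnets are exposed to an Internet gateway. The following is an added example, not code from the original post: it classifies subnets from data shaped like the EC2 DescribeRouteTables response. All IDs are constructed, and it assumes that a subnet with no explicit association uses the VPC's main route table and that routes in the blackhole state carry no traffic.

```python
# Constructed sample shaped like the EC2 DescribeRouteTables response; every ID is made up.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
ROUTE_TABLES = [
    {   # main route table: local route only
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [LOCAL],
    },
    {   # default route to an Internet gateway
        "RouteTableId": "rtb-web",
        "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
        "Routes": [LOCAL,
                   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}],
    },
    {   # route to a virtual private gateway, plus a dead IGW route
        "RouteTableId": "rtb-corp",
        "Associations": [{"Main": False, "SubnetId": "subnet-corp"}],
        "Routes": [LOCAL,
                   {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-0example", "State": "active"},
                   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0gone", "State": "blackhole"}],
    },
]
SUBNET_IDS = ["subnet-web", "subnet-corp", "subnet-db"]  # subnet-db has no explicit association


def classify_table(table):
    """Apply the page's rule to one route table, ignoring routes that are not active."""
    targets = [r.get("GatewayId", "") for r in table["Routes"] if r.get("State") == "active"]
    if any(t.startswith("igw-") for t in targets):
        return "public"
    if any(t.startswith("vgw-") for t in targets):
        return "vpn-only"
    return "private"


def classify_subnets(route_tables, subnet_ids):
    """Map each subnet to its type, falling back to the main route table when unassociated."""
    main = next(t for t in route_tables if any(a.get("Main") for a in t["Associations"]))
    explicit = {a["SubnetId"]: t
                for t in route_tables for a in t["Associations"] if "SubnetId" in a}
    return {s: classify_table(explicit.get(s, main)) for s in subnet_ids}


if __name__ == "__main__":
    for subnet, kind in classify_subnets(ROUTE_TABLES, SUBNET_IDS).items():
        print(f"{subnet}: {kind}")
```

A "public" result here only means the subnet has a route to an IGW; whether an individual instance is reachable also depends on its public or Elastic IP, security groups, and ACLs.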

