AWS Virtual Private Cloud - Part 2




Virtual Private Cloud

A Virtual Private Cloud is a logically isolated section of the AWS cloud where you can launch your resources. You have complete control over your virtual networking environment: you can create your own subnets and even select your preferred private IP ranges. A VPC can span multiple Availability Zones in the same region, but a VPC cannot span multiple regions.

Internet Gateway

An Internet Gateway provides internet access for the instances in your VPC. An Internet Gateway is redundant and highly available. Only one Internet Gateway can be attached to a VPC at a time.
Because the Internet Gateway is horizontally scaled, you do not need to worry about it being a single point of failure.

Subnets

You can create your own customized subnets in a VPC and assign each one the private IP address range you prefer. A subnet cannot span multiple Availability Zones.

Route Table

A Route Table contains a set of rules, called routes, that determine where network traffic is directed. Each subnet in your VPC must be associated with a route table. A subnet can be associated with only one route table, but multiple subnets can be associated with the same route table.
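The following is an added example, not code from the original post or from AWS. It models the subnet and route-table rules described above in plain Python: subnets are carved from a hypothetical VPC range with the standard library's `ipaddress` module, each subnet is associated with exactly one route table (a new association replaces the old one, and an unassociated subnet falls back to the main table), and a lookup returns the most specific matching route, which is how AWS route tables choose between the local route and a default route. The VPC CIDR, the subnet layout and the gateway id `igw-EXAMPLE` are constructed placeholders.

```python
import ipaddress
from typing import Dict, List, Tuple

IPv4Net = ipaddress.IPv4Network

# Constructed VPC range (hypothetical, not from the page).
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")


def carve_subnets(vpc: IPv4Net, new_prefix: int, count: int) -> List[IPv4Net]:
    """Split the VPC range into `count` equal subnets of prefix length `new_prefix`."""
    candidates = list(vpc.subnets(new_prefix=new_prefix))
    if count > len(candidates):
        raise ValueError(f"{vpc} only holds {len(candidates)} /{new_prefix} subnets")
    return candidates[:count]


def usable_hosts(subnet: IPv4Net) -> int:
    """AWS reserves the first four and the last address of every subnet."""
    return subnet.num_addresses - 5


class RouteTable:
    def __init__(self, name: str, vpc: IPv4Net):
        self.name = name
        # Every route table starts with the non-removable local route for the VPC range.
        self.routes: List[Tuple[IPv4Net, str]] = [(vpc, "local")]

    def add_route(self, destination: str, target: str) -> None:
        self.routes.append((ipaddress.ip_network(destination), target))

    def lookup(self, dst_ip: str) -> str:
        """Return the target of the most specific (longest-prefix) matching route."""
        addr = ipaddress.ip_address(dst_ip)
        matches = [(net, tgt) for net, tgt in self.routes if addr in net]
        if not matches:
            return "no-route"
        return max(matches, key=lambda m: m[0].prefixlen)[1]


class Vpc:
    def __init__(self, cidr: IPv4Net):
        self.cidr = cidr
        self.main_rt = RouteTable("main", cidr)
        self.associations: Dict[IPv4Net, RouteTable] = {}

    def associate(self, subnet: IPv4Net, rt: RouteTable) -> None:
        # A subnet has exactly one route table; a new association replaces the old one.
        self.associations[subnet] = rt

    def route_table_for(self, subnet: IPv4Net) -> RouteTable:
        # Subnets without an explicit association use the main route table.
        return self.associations.get(subnet, self.main_rt)

    def next_hop(self, subnet: IPv4Net, dst_ip: str) -> str:
        return self.route_table_for(subnet).lookup(dst_ip)


def build_example_vpc() -> Tuple[Vpc, List[IPv4Net]]:
    """Constructed two-subnet layout: one public subnet (default route to an IGW), one private."""
    vpc = Vpc(VPC_CIDR)
    public, private = carve_subnets(VPC_CIDR, 24, 2)          # 10.0.0.0/24 and 10.0.1.0/24
    public_rt = RouteTable("public", VPC_CIDR)
    public_rt.add_route("0.0.0.0/0", "igw-EXAMPLE")            # hypothetical Internet Gateway id
    vpc.associate(public, public_rt)
    vpc.associate(private, RouteTable("private", VPC_CIDR))    # local route only: no internet path
    return vpc, [public, private]


if __name__ == "__main__":
    vpc, (public, private) = build_example_vpc()
    for sub in (public, private):
        print(sub, usable_hosts(sub), "usable addresses")
    print("public  -> 198.51.100.7:", vpc.next_hop(public, "198.51.100.7"))
    print("private -> 198.51.100.7:", vpc.next_hop(private, "198.51.100.7"))
    print("private -> 10.0.0.9   :", vpc.next_hop(private, "10.0.0.9"))
```

The private subnet's table has only the local route, so a packet for an internet address has no route at all, while traffic between the two subnets still matches the VPC-wide local route in either table. That is the mechanism behind "public" versus "private" subnets: the difference is the route table association, not the subnet itself.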

Network Access Control List

A Network Access Control List is essentially a firewall that controls inbound and outbound traffic for one or more subnets. A Network Access Control List can be attached to multiple subnets, but a subnet can be associated with only one Network Access Control List; if you associate a second one, the previous association is removed. A Network Access Control List supports both "allow" and "deny" rules, and it is stateless.

Security Group

A Security Group contains a set of rules that control inbound and outbound traffic for an EC2 instance. A Security Group supports only "allow" rules, and it is stateful.
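The practical difference between the two sections above (stateless, ordered allow/deny rules for a Network Access Control List versus stateful, allow-only rules for a Security Group) is easiest to see on a single connection. The following is an added example, not code from the original post or from AWS. It is a small simulator of both evaluation models with a constructed HTTPS flow from an internet client (203.0.113.10, a documentation address) to an instance at 10.0.0.5; the rule sets and addresses are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def reply(self) -> "Packet":
        """The return packet of the same flow: addresses and ports swapped."""
        return Packet(self.dst, self.dport, self.src, self.sport, self.proto)


# (protocol, from_port, to_port, cidr); protocol "-1" means any protocol.
Rule = Tuple[str, int, int, str]


def _matches(rule: Rule, proto: str, port: int, peer: str) -> bool:
    r_proto, lo, hi, cidr = rule
    return (r_proto in ("-1", proto)
            and lo <= port <= hi
            and ipaddress.ip_address(peer) in ipaddress.ip_network(cidr))


class NetworkAcl:
    """Stateless: every packet, replies included, is checked against the numbered rules."""

    def __init__(self, inbound: List[Tuple[int, Rule, str]], outbound: List[Tuple[int, Rule, str]]):
        # Entries are (rule_number, rule, "allow" | "deny"); the lowest number is evaluated first.
        self.inbound = sorted(inbound, key=lambda e: e[0])
        self.outbound = sorted(outbound, key=lambda e: e[0])

    def allows(self, pkt: Packet, direction: str) -> bool:
        rules = self.inbound if direction == "in" else self.outbound
        peer = pkt.src if direction == "in" else pkt.dst
        for _number, rule, action in rules:
            if _matches(rule, pkt.proto, pkt.dport, peer):
                return action == "allow"    # first matching rule wins, deny or allow
        return False                        # the implicit "*" deny at the end of every NACL


class SecurityGroup:
    """Stateful and allow-only: a reply to a tracked flow passes without an explicit rule."""

    def __init__(self, inbound: List[Rule], outbound: List[Rule]):
        self.inbound = inbound
        self.outbound = outbound
        self.tracked: Set[Packet] = set()   # connection-tracking table

    def allows(self, pkt: Packet, direction: str) -> bool:
        if pkt.reply() in self.tracked:     # this packet answers a flow we already allowed
            return True
        rules = self.inbound if direction == "in" else self.outbound
        peer = pkt.src if direction == "in" else pkt.dst
        if any(_matches(r, pkt.proto, pkt.dport, peer) for r in rules):
            self.tracked.add(pkt)
            return True
        return False                        # no deny rules exist; anything unmatched is dropped


def simulate() -> Dict[str, bool]:
    """Constructed flow: internet client -> web server on 443, then the server's reply."""
    request = Packet("203.0.113.10", 51515, "10.0.0.5", 443)
    response = request.reply()              # 10.0.0.5:443 -> 203.0.113.10:51515
    https_in: Rule = ("tcp", 443, 443, "0.0.0.0/0")
    ephemeral_out: Rule = ("tcp", 1024, 65535, "0.0.0.0/0")
    block_client: Rule = ("tcp", 443, 443, "203.0.113.0/24")

    nacl_no_ephemeral = NetworkAcl(inbound=[(100, https_in, "allow")], outbound=[])
    nacl_fixed = NetworkAcl(inbound=[(100, https_in, "allow")],
                            outbound=[(100, ephemeral_out, "allow")])
    nacl_deny_first = NetworkAcl(inbound=[(90, block_client, "deny"), (100, https_in, "allow")],
                                 outbound=[(100, ephemeral_out, "allow")])
    sg = SecurityGroup(inbound=[https_in], outbound=[])

    return {
        "nacl_request_in": nacl_no_ephemeral.allows(request, "in"),
        "nacl_response_out": nacl_no_ephemeral.allows(response, "out"),
        "nacl_response_out_with_ephemeral_rule": nacl_fixed.allows(response, "out"),
        "nacl_deny_rule_evaluated_first": nacl_deny_first.allows(request, "in"),
        "sg_request_in": sg.allows(request, "in"),
        "sg_response_out": sg.allows(response, "out"),
    }


if __name__ == "__main__":
    for check, result in simulate().items():
        print(f"{check:40s} {result}")
```

Two things the run makes visible. First, the NACL that only allows inbound 443 accepts the request but silently drops the server's reply, because the reply is a new outbound packet to an ephemeral port and nothing allows it; the common fix is an explicit outbound allow for ports 1024-65535, as in `nacl_fixed`. Second, the Security Group with an empty outbound rule set still lets the reply out, because connection tracking remembers the allowed request. The `nacl_deny_first` case shows why rule numbering matters on a NACL: a lower-numbered deny for a specific range wins over a broader allow, which is the only place in this model where a deny can be expressed at all.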