Virtual Private Cloud

A Virtual Private Cloud (VPC) is a logically isolated section of the AWS cloud where you can launch your resources. You have complete control over your virtual networking environment: you can create your own subnets and even select your preferred private IP ranges. A VPC can span multiple availability zones in the same region, but a VPC cannot span multiple regions.
Internet Gateway

An Internet Gateway provides internet access for the instances in your VPC. An Internet Gateway is redundant and highly available, and only one Internet Gateway can be attached to a VPC at a time. Since the Internet Gateway is horizontally scaled, you do not need to worry about it being a single point of failure.
Subnets

You can create your own customized subnets in a VPC and assign each one your preferred private IP address range. A subnet cannot span multiple availability zones.
Route Table

A Route Table contains a set of rules (routes) that determine where traffic is directed. Each subnet in your VPC must have a route table. A subnet can be associated with only one route table, but multiple subnets can be associated with the same route table.
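The way a route table directs traffic is easiest to see with a small model. The following Python is an added example written for this page, not AWS code or tooling. It assumes two constructed route tables for a VPC using 10.0.0.0/16, with "igw-EXAMPLE" as a placeholder gateway id, and it applies longest-prefix matching (the most specific route wins, which is how AWS route tables behave). The audit helper is a defender's check: a subnet whose route table sends 0.0.0.0/0 to an Internet Gateway has a path to the internet and is the kind of "public" subnet you want to know about.

```python
import ipaddress

# Constructed route tables for a hypothetical VPC; "igw-EXAMPLE" is a placeholder id.
PUBLIC_RT = [
    ("10.0.0.0/16", "local"),      # every VPC route table carries the local route for the VPC CIDR
    ("0.0.0.0/0", "igw-EXAMPLE"),  # default route to the Internet Gateway
]
PRIVATE_RT = [
    ("10.0.0.0/16", "local"),      # no default route: addresses outside the VPC are unreachable
]


def lookup(route_table, dst_ip):
    """Return the target for dst_ip using longest-prefix match.
    The most specific matching route wins; None means no route matches."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return None if best is None else best[1]


def is_public(route_table):
    """A subnet is conventionally called public when its route table
    sends 0.0.0.0/0 to an Internet Gateway."""
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-")
               for cidr, target in route_table)


def audit(subnets):
    """subnets: {subnet_name: route_table}. Returns the names of subnets
    that have a default route to an Internet Gateway, sorted."""
    return sorted(name for name, rt in subnets.items() if is_public(rt))


if __name__ == "__main__":
    subnets = {"web": PUBLIC_RT, "db": PRIVATE_RT}
    print("10.0.1.5 via", lookup(PUBLIC_RT, "10.0.1.5"))            # local
    print("198.51.100.7 via", lookup(PUBLIC_RT, "198.51.100.7"))    # igw-EXAMPLE
    print("198.51.100.7 from db via", lookup(PRIVATE_RT, "198.51.100.7"))  # None
    print("internet-reachable subnets:", audit(subnets))             # ['web']
```

Traffic to 10.0.1.5 matches both the /16 local route and the /0 default route, and the more specific /16 wins, so intra-VPC traffic never leaves through the gateway. The private table has no default route, so the same external address simply has no target there.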
Network Access Control List

A Network Access Control List (NACL) is essentially a firewall that controls inbound and outbound traffic for one or more subnets. A NACL can be attached to multiple subnets, but a subnet can be associated with only one NACL; if you associate a second one, the previous association is removed. A NACL supports both “allow” and “deny” rules and it is stateless.
Security Group

A Security Group contains a set of rules that controls inbound and outbound traffic for an EC2 instance. A Security Group supports only “allow” rules and it is stateful.
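The practical difference between a stateless NACL and a stateful Security Group shows up as soon as you trace one request and its reply. The following Python model is an added example written for this page, not AWS code; the client and server addresses, ports and rule numbers are constructed (203.0.113.0/24 is a documentation range). It models the two behaviours the text describes: NACL rules are evaluated in ascending rule-number order with first match winning and an implicit deny at the end, and every packet, including the reply, is matched independently; a Security Group has allow rules only and remembers admitted flows so the reply is let through without a matching rule. The Security Group here is assumed to have had its default allow-all outbound rule removed, so that only the flow tracking can admit the reply.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str    # source IP
    dst: str    # destination IP
    sport: int  # source port
    dport: int  # destination port


@dataclass(frozen=True)
class NaclRule:
    number: int     # evaluated in ascending order; first match wins
    direction: str  # "inbound" or "outbound"
    port_lo: int
    port_hi: int
    cidr: str       # source CIDR for inbound rules, destination CIDR for outbound
    action: str     # "allow" or "deny"


def _matches(cidr, port_lo, port_hi, peer_ip, dport):
    return (ipaddress.ip_address(peer_ip) in ipaddress.ip_network(cidr)
            and port_lo <= dport <= port_hi)


def nacl_decision(rules, direction, pkt):
    """Stateless: each packet is checked on its own against the rules for its
    direction. No match means the implicit '*' deny rule applies."""
    peer = pkt.src if direction == "inbound" else pkt.dst
    for r in sorted(rules, key=lambda r: r.number):
        if r.direction == direction and _matches(r.cidr, r.port_lo, r.port_hi, peer, pkt.dport):
            return r.action
    return "deny"


@dataclass(frozen=True)
class SgRule:
    direction: str
    port_lo: int
    port_hi: int
    cidr: str       # allow-only, so there is no action field


class SecurityGroup:
    """Stateful: once a flow is admitted in one direction, its reply traffic in
    the other direction is admitted without consulting the rules."""

    def __init__(self, rules):
        self.rules = rules
        self.flows = set()  # each flow is the unordered pair of its two endpoints

    def decision(self, direction, pkt):
        flow = frozenset({(pkt.src, pkt.sport), (pkt.dst, pkt.dport)})
        if flow in self.flows:
            return "allow"  # continuation or reply of a tracked flow
        peer = pkt.src if direction == "inbound" else pkt.dst
        for r in self.rules:
            if r.direction == direction and _matches(r.cidr, r.port_lo, r.port_hi, peer, pkt.dport):
                self.flows.add(flow)
                return "allow"
        return "deny"


# Constructed scenario: an HTTPS request from a client to an instance and the reply.
CLIENT, SERVER = "203.0.113.10", "10.0.1.5"
REQUEST = Packet(CLIENT, SERVER, sport=50000, dport=443)
REPLY = Packet(SERVER, CLIENT, sport=443, dport=50000)

# NACL that only allows port 443 both ways: the reply goes to an ephemeral port and is dropped.
NACL_MISSING_EPHEMERAL = [
    NaclRule(100, "inbound", 443, 443, "0.0.0.0/0", "allow"),
    NaclRule(100, "outbound", 443, 443, "0.0.0.0/0", "allow"),
]
# Corrected NACL: an outbound rule for the ephemeral port range lets replies out.
NACL_FIXED = NACL_MISSING_EPHEMERAL + [
    NaclRule(110, "outbound", 1024, 65535, "0.0.0.0/0", "allow"),
]


def https_round_trip_nacl(rules):
    """(request decision, reply decision) under a stateless NACL."""
    return (nacl_decision(rules, "inbound", REQUEST),
            nacl_decision(rules, "outbound", REPLY))


def https_round_trip_sg():
    """(request decision, reply decision) under a Security Group with a single inbound rule."""
    sg = SecurityGroup([SgRule("inbound", 443, 443, "0.0.0.0/0")])
    return (sg.decision("inbound", REQUEST), sg.decision("outbound", REPLY))


if __name__ == "__main__":
    print("NACL without ephemeral rule:", https_round_trip_nacl(NACL_MISSING_EPHEMERAL))  # ('allow', 'deny')
    print("NACL with ephemeral rule:   ", https_round_trip_nacl(NACL_FIXED))              # ('allow', 'allow')
    print("Security Group:             ", https_round_trip_sg())                           # ('allow', 'allow')
```

The model also shows why rule numbering matters on a NACL: a lower-numbered "deny" for a specific CIDR is reached before a broader "allow" and wins, which is the one capability a Security Group does not have. In AWS both layers apply, so a packet must be admitted by the subnet's NACL and by the instance's Security Group.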