Being one of the top cloud providers, AWS has put significant effort into designing security solutions for its clients. It is a major concern for Amazon that clients do not suffer data breaches while using its services, especially when data or resources have to be shared with third parties. In this AWS VPC and Peering tutorial, we will understand in detail what VPC in AWS is and learn how to create a logically isolated network within the AWS cloud, known as an Amazon Virtual Private Cloud (VPC).
What is VPC in AWS?
Among all the services that AWS offers, Amazon VPC is the one that provides an additional layer of isolation for the other AWS services you use. AWS defines VPC as ‘a service that enables users to launch AWS resources, such as instances, into a virtual network that users define.’ In other words, this service lets you run AWS services according to your needs inside a logically isolated space in the AWS Cloud whose boundaries you define. It also gives you full control over how traffic is routed to and from your instances.
There are two types of VPCs in AWS, namely:
- Default VPC: Every account created after 2013 supports VPCs, and each of these accounts comes with a default VPC in every region.
- User-defined VPC: User-defined VPCs, as suggested by the name, are created by users as per their requirements.
AWS VPC Peering
AWS VPC Peering is a functionality that enables two private networks to communicate with each other by building fast and reliable connections. AWS VPC peering connections can be used to route traffic from one VPC to another VPC network or to provide access to resources of one network to another. Each and every AWS account comes with a default VPC in every region that it supports.
Peering allows traffic between two VPCs based on the network addresses (CIDR blocks) of the resources involved. However, AWS VPC Peering does not support transitive peering. Transitive peering would mean that VPC-A could reach resources in VPC-C through VPC-B simply because VPC-A is peered with VPC-B and VPC-B is peered with VPC-C. AWS VPC Peering does not provide this kind of arrangement; each pair of VPCs that needs to communicate must be peered directly. Now that we have covered what AWS VPC peering means, let us look at the building blocks of a VPC.
AWS VPC Architecture
1- Subnets
A subnet is a subdivision of a network. Breaking a network down into smaller sub-networks, or subnets, is called subnetting. VPC subnets come in two flavours, public and private.
Public subnets: These are used where resources must be reachable from the internet, for example, web servers. The route table for such a subnet sends internet-bound traffic to the internet gateway, and that is what makes the subnet a public subnet.
Private subnets: By contrast, private subnets are used for resources that do not need a direct internet connection.
Subnet sizing: In a typical deployment, private subnets hold roughly twice as many instances as public subnets, and the CIDR blocks used for the subnets are sized around that ratio. The subnets can still be resized at deployment time through the CIDR block parameters to match your architectural requirements.
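The following subnet planner is an added example for the sizing paragraph above, not AWS tooling. It carves a VPC CIDR into one public and one private subnet per Availability Zone, giving each private subnet one extra prefix bit (twice the addresses) to match the 2:1 ratio described above, subtracts the five addresses AWS reserves in every subnet, and checks the result for overlaps. The `can_peer` check goes slightly beyond the paragraph: two VPCs can only be peered when their CIDR blocks do not overlap. The VPC CIDR, the AZ count and the /24 public prefix are assumptions.

```python
"""Plan public/private subnets for a VPC and check CIDR overlap.
Added example for this tutorial (not AWS code); all CIDRs are constructed."""
import ipaddress
from typing import Dict, List

# AWS reserves the first four addresses and the last address of every subnet
# (network, VPC router, DNS, future use, broadcast), so a /24 yields 251 hosts.
AWS_RESERVED_PER_SUBNET = 5


def usable_hosts(cidr: str) -> int:
    """Addresses an instance can actually take in a subnet of this size."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def plan_subnets(vpc_cidr: str, azs: int, public_prefix: int = 24) -> Dict[str, List[str]]:
    """Carve `vpc_cidr` into `azs` private subnets of /(public_prefix - 1) and
    `azs` public subnets of /public_prefix. Raises ValueError if they don't fit."""
    vpc = ipaddress.ip_network(vpc_cidr)
    private_prefix = public_prefix - 1
    # Split the VPC into private-sized blocks first; the larger blocks are
    # allocated up front so the smaller public subnets pack into what is left.
    blocks = list(vpc.subnets(new_prefix=private_prefix))
    privates = blocks[:azs]
    publics: List[ipaddress.IPv4Network] = []
    for block in blocks[azs:]:
        publics.extend(block.subnets(new_prefix=public_prefix))
        if len(publics) >= azs:
            break
    publics = publics[:azs]
    if len(privates) < azs or len(publics) < azs:
        raise ValueError(f"{vpc_cidr} cannot hold {azs} private /{private_prefix} "
                         f"and {azs} public /{public_prefix} subnets")
    return {"private": [str(n) for n in privates], "public": [str(n) for n in publics]}


def no_overlap(cidrs: List[str]) -> bool:
    """True when no two CIDR blocks in the list share any address."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return not any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def can_peer(vpc_a: str, vpc_b: str) -> bool:
    """VPC peering requires non-overlapping CIDR blocks on both sides."""
    return no_overlap([vpc_a, vpc_b])


if __name__ == "__main__":
    plan = plan_subnets("10.0.0.0/16", azs=2)  # constructed VPC CIDR
    for kind, subnets in plan.items():
        for cidr in subnets:
            print(f"{kind:8} {cidr:15} usable hosts: {usable_hosts(cidr)}")
    print("overlap-free:", no_overlap(plan["private"] + plan["public"]))
    print("10.0.0.0/16 <-> 10.1.0.0/16 peerable:", can_peer("10.0.0.0/16", "10.1.0.0/16"))
```

Run it as-is to see the layout for two Availability Zones; raise `azs` or shrink the VPC CIDR to see the planner refuse a layout that does not fit.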
2- Route Table
As mentioned earlier, VPC in AWS gives you full control over traffic. Route tables are the mechanism for that. A route table is a set of rules that determines where traffic in the network is directed.
Every subnet in an Amazon Virtual Private Cloud must be associated with a route table, which controls the routing for that subnet. One route table can be associated with several subnets in the network.
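As an added example (not AWS code) for the route table section and the peering section above, the following model shows how a subnet's route table selects a target: the most specific matching route wins, the VPC's own CIDR is the implicit "local" route, and a subnet is public only when its table carries a 0.0.0.0/0 route to an internet gateway. It also models why peering is not transitive: a peering connection only carries traffic between the two VPCs it joins, so VPC-A cannot reach VPC-C through VPC-B. All CIDRs and the igw-/pcx- identifiers are constructed placeholders.

```python
"""Longest-prefix route lookup plus the VPC peering forwarding rule.
Added example for this tutorial; identifiers and CIDRs are constructed."""
import ipaddress
from typing import Dict, List, Optional, Tuple

Route = Tuple[str, str]  # (destination CIDR, target)

# Three constructed VPCs. A is peered with B and B with C; A is NOT peered with C.
VPC_A, VPC_B, VPC_C = "10.0.0.0/16", "10.1.0.0/16", "10.2.0.0/16"
PEERINGS: Dict[str, Tuple[str, str]] = {
    "pcx-ab-example": (VPC_A, VPC_B),
    "pcx-bc-example": (VPC_B, VPC_C),
}

# Public subnet in VPC-A: local route plus a default route to the internet gateway.
PUBLIC_RTB: List[Route] = [(VPC_A, "local"), ("0.0.0.0/0", "igw-0example")]
# Private subnet in VPC-A: local route only, so there is no path to the internet.
PRIVATE_RTB: List[Route] = [(VPC_A, "local")]
# VPC-A subnet that also talks to VPC-B over the peering connection.
PEERED_RTB_A: List[Route] = [(VPC_A, "local"), (VPC_B, "pcx-ab-example")]
# A misguided attempt to reach VPC-C through the A<->B peering connection.
TRANSITIVE_ATTEMPT: List[Route] = [(VPC_A, "local"), (VPC_C, "pcx-ab-example")]


def lookup(route_table: List[Route], destination: str) -> Optional[str]:
    """Return the target of the most specific route matching `destination`,
    or None when no route matches (the packet is dropped)."""
    addr = ipaddress.ip_address(destination)
    best: Optional[Tuple[int, str]] = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, target)
    return best[1] if best else None


def deliver(route_table: List[Route], destination: str) -> Optional[str]:
    """Resolve the route, then apply the peering rule: a pcx target only
    carries traffic whose destination lies inside one of the two peered VPCs."""
    target = lookup(route_table, destination)
    if target in PEERINGS:
        addr = ipaddress.ip_address(destination)
        if not any(addr in ipaddress.ip_network(c) for c in PEERINGS[target]):
            return None  # dropped at the peering connection, not forwarded
    return target


if __name__ == "__main__":
    cases = [
        ("public subnet -> internet", PUBLIC_RTB, "93.184.216.34"),
        ("private subnet -> internet", PRIVATE_RTB, "93.184.216.34"),
        ("public subnet -> same VPC", PUBLIC_RTB, "10.0.5.4"),
        ("peered A -> B", PEERED_RTB_A, "10.1.3.3"),
        ("peered A -> C (no route)", PEERED_RTB_A, "10.2.0.9"),
        ("A -> C via pcx-ab (transitive)", TRANSITIVE_ATTEMPT, "10.2.0.9"),
    ]
    for label, table, dest in cases:
        print(f"{label:34} {dest:15} -> {deliver(table, dest)}")
```

The last two cases show the difference between "no route" (the destination simply is not in VPC-A's table) and a route that exists but cannot work, because the peering connection refuses traffic for a CIDR that belongs to neither peer.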
3- Internet Gateway
An internet gateway is what allows an instance launched in a subnet of your VPC to connect to the internet. It lets the instance reach the internet, and it lets the internet and other resources outside the VPC reach the instance. The internet gateway is one of the most important components of a VPC.
4- VPC Endpoints
VPC endpoints are used when you need a private connection between your VPC and another AWS service without relying on the internet, a VPN, or NAT devices. Once an endpoint is created, it cannot be moved to another VPC or repointed at a different service.
Endpoints are also only supported within a single region: a VPC and a service in different regions cannot be connected through an endpoint.
AWS VPC peering benefits
AWS VPC peering has multiple benefits, ranging from easy deployment of cloud resources to simpler data transfer between resources. The most important ones are the security of the private networks, easy set-up, and application performance. These are explained below:
Security
The first and foremost benefit of VPC is security. VPC in AWS provides advanced security controls at the instance level and at the subnet level. With VPC, you can specify who is allowed to access your cloud resources and who is not.
Easy to Set-up and Use
AWS VPC is as easy to set up as any other service offered by AWS. Using the AWS Management Console, you can set up Amazon VPC in a few steps. The default VPC for your account comes pre-configured, which lets you focus on building and deploying apps.
Application Performance
Application performance is strongly affected by congestion on the public internet, which can slow down application traffic. With VPC, the chance of a performance drop is lower, because traffic inside the VPC is delivered without crossing the congested public internet.
How to set up a VPC in AWS
Amazon has made it as easy as possible to create your VPC with just a few clicks. Log in to the Management Console and follow the steps below to get started with Amazon Virtual Private Cloud.
Step 1: Once you log in to your Amazon account, search for VPC in the search bar and you’ll see the following screen:
There is a Launch VPC Wizard option, as shown in the above screenshot. Click on it.
Step 2: After clicking on Launch VPC Wizard, you’ll be taken to a page that looks like the following screenshot and you’ll find the following four options there:
- VPC with a Single Public Subnet
- VPC with Public and Private Subnets
- VPC with Public and Private Subnets and Hardware VPN Access
- VPC with a Private Subnet Only and Hardware VPN Access
Start with the most basic option, that is, VPC with a Single Public Subnet. Click on Select.
Step 3: On the next page, you’ll have to fill in a few details such as the VPC name, Availability Zone, etc.
You can leave the default settings as they are, since they are the settings recommended by AWS. A subnet named Public Subnet will be created for your VPC; you can rename it in the subnet field.
After filling in the settings, click on Create VPC.
Step 4: Once you click on Create VPC, a message saying ‘Your VPC has been successfully created’ is displayed, as shown below. Click on OK.
Step 5: To check the status of the VPC you just created, navigate to the Your VPCs option. Here, you’ll see the VPC you have created.
Step 6: To check your subnet, navigate to the Subnets section. Here, you’ll see the subnet created in your VPC, named ‘Public Subnet’.
You can also check the route table associated with your subnet by selecting the subnet and navigating to the Route Table option, as shown in the following screenshot.
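The console wizard above can be reproduced from the command line. The following added example (not AWS code, and not part of the original tutorial) drives the AWS CLI through `subprocess` to perform the same steps as the "VPC with a Single Public Subnet" option: create the VPC, create the subnet, create and attach an internet gateway, create a route table with a 0.0.0.0/0 route to the gateway, and associate it with the subnet. It assumes the `aws` CLI is installed and has credentials; the CIDR blocks and the Availability Zone are assumptions, and the `RecordingRunner` is a constructed offline stand-in that answers with placeholder IDs so the call sequence can be checked without an AWS account.

```python
"""Create a 'VPC with a Single Public Subnet' through the AWS CLI.
Added example for this tutorial, not AWS's own code."""
import json
import subprocess
from typing import Callable, Dict, List, Optional

# A runner receives the argument vector that follows "aws" and returns the
# parsed JSON reply, or None for commands that print nothing.
Runner = Callable[[List[str]], Optional[dict]]


def aws_cli(args: List[str]) -> Optional[dict]:
    """Run one AWS CLI command and parse its JSON output (real runner)."""
    out = subprocess.run(["aws", *args, "--output", "json"],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out) if out.strip() else None


def provision_public_vpc(run: Runner = aws_cli,
                         vpc_cidr: str = "10.0.0.0/16",      # assumption
                         subnet_cidr: str = "10.0.0.0/24",   # assumption
                         az: str = "us-east-1a") -> Dict[str, str]:  # assumption
    """Mirror the wizard: VPC -> subnet -> IGW attached -> route table with a
    default route to the IGW -> association with the subnet."""
    vpc_id = run(["ec2", "create-vpc", "--cidr-block", vpc_cidr])["Vpc"]["VpcId"]
    subnet_id = run(["ec2", "create-subnet", "--vpc-id", vpc_id,
                     "--cidr-block", subnet_cidr,
                     "--availability-zone", az])["Subnet"]["SubnetId"]
    igw_id = run(["ec2", "create-internet-gateway"])["InternetGateway"]["InternetGatewayId"]
    run(["ec2", "attach-internet-gateway", "--internet-gateway-id", igw_id,
         "--vpc-id", vpc_id])
    rtb_id = run(["ec2", "create-route-table", "--vpc-id", vpc_id])["RouteTable"]["RouteTableId"]
    # This single route is what turns the subnet into a public subnet.
    run(["ec2", "create-route", "--route-table-id", rtb_id,
         "--destination-cidr-block", "0.0.0.0/0", "--gateway-id", igw_id])
    run(["ec2", "associate-route-table", "--route-table-id", rtb_id,
         "--subnet-id", subnet_id])
    # Instances launched here receive a public IPv4 address, as with the wizard.
    run(["ec2", "modify-subnet-attribute", "--subnet-id", subnet_id,
         "--map-public-ip-on-launch"])
    return {"vpc": vpc_id, "subnet": subnet_id, "igw": igw_id, "route_table": rtb_id}


class RecordingRunner:
    """Constructed offline stand-in for aws_cli: answers create-* commands with
    placeholder IDs and records every command so the sequence can be inspected."""
    _ids = {
        "create-vpc": ("Vpc", "VpcId", "vpc-0example"),
        "create-subnet": ("Subnet", "SubnetId", "subnet-0example"),
        "create-internet-gateway": ("InternetGateway", "InternetGatewayId", "igw-0example"),
        "create-route-table": ("RouteTable", "RouteTableId", "rtb-0example"),
    }

    def __init__(self) -> None:
        self.calls: List[List[str]] = []

    def __call__(self, args: List[str]) -> Optional[dict]:
        self.calls.append(args)
        if args[1] in self._ids:
            outer, key, value = self._ids[args[1]]
            return {outer: {key: value}}
        return None  # attach/associate/modify print nothing useful


if __name__ == "__main__":
    rec = RecordingRunner()  # swap in aws_cli to run against a real account
    print(provision_public_vpc(rec))
    for call in rec.calls:
        print("aws", " ".join(call))
```

With the recording runner the script only prints the commands it would issue, which is a useful way to review the steps before running them for real; calling `provision_public_vpc()` with no argument executes them through the AWS CLI.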
This is how you can create a VPC in AWS, easily!
With this, we come to the end of this AWS VPC and Peering tutorial. I hope you now have a clear idea of what VPC in AWS is and how to create one.