AWS Knowledge Center Videos: “What is Amazon Virtual Private Cloud?”


Hi there, my name is Ben and I'm a cloud support engineer here at AWS. Today I want to talk to you about Amazon Virtual Private Cloud, or Amazon VPC. This service enables you to launch AWS resources in a virtual network that you define. This virtual network may be very similar to what you already operate in your office, with the added benefits of AWS scalable infrastructure. A VPC can be a default VPC or a non-default VPC. If your account supports the EC2-VPC platform only, it comes with a default VPC that has a default subnet in each Availability Zone. Now let's create a VPC using the AWS Management Console.

All right, so here we are at the AWS services page. Let's go to the VPC console. There are actually a couple of ways of creating your VPC. The easiest way is through the VPC wizard, which is fine if you don't have many requirements initially; it offers four different scenarios depending on your use case and is great for spinning up a generic VPC. But I'm actually going to show you how to create your VPC from the ground up. In the navigation pane on the left, select Your VPCs, then select Create VPC. In this dialog box, give it a meaningful name that you'll recognize from a list. For CIDR block, you just want to put a network CIDR, and for tenancy you can choose default or dedicated; dedicated tenancy ensures that your instances run on single-tenant hardware. Go ahead and click Yes, Create.

You can add one or more subnets in each Availability Zone. Each subnet must reside entirely in one Availability Zone and cannot span zones. A subnet can be public or private depending on whether it has a route through the internet gateway. So let's create a subnet. Here in the navigation pane on the left, choose Subnets, then choose the Create Subnet button. Give it an optional name here, and select the VPC that you want to create the subnet within and the Availability Zone that you want to create this subnet in. Finally, you want to create the subnet CIDR here; the CIDR needs to fit within the CIDR of the VPC that you created.

The instances in the VPC need to communicate over the internet sometimes. This can be achieved by using an internet gateway, which is a redundant, highly available VPC component that allows communication between the instances in your VPC and the internet. An internet gateway serves two purposes: to enable communication between the internet and instances that have a public or Elastic IP address, and to allow instances in a private subnet to communicate with the internet by placing a NAT gateway or NAT instance in the public subnet. So let's create an internet gateway. In the navigation pane on the left-hand side, choose Internet Gateways, then choose Create Internet Gateway. You can give it an optional name here and then hit Yes, Create. Select the internet gateway you just created and choose Attach to VPC. In the Attach dialog box, choose the VPC that you created earlier and attach the internet gateway.

A route table contains a set of rules, called routes, that determine where network traffic is directed. Each subnet in your VPC must be associated with a route table. A subnet can only be associated with one route table, but you can associate multiple subnets with the same route table. When you create a VPC, it automatically has a main route table assigned. It is recommended that you use separate route tables for each of your subnets.

Security groups are used to increase the security in your VPC. They are attached to the ENI and operate at the instance's interface level. They are permissive in nature, meaning you can only restrict allow access and cannot create rules for deny access. Please note that security groups are stateful, meaning that response traffic is automatically allowed. Another type of firewall you may use in your AWS VPC is a network access control list, or ACL, which is used for controlling traffic in and out of one or more subnets by creating rules. You can add or remove rules from the network ACL, and they are evaluated starting with the lowest numbered rule. Please note that network ACLs are stateless in nature, meaning that inbound traffic rules do not have an effect on the outbound traffic rules and vice versa. Thanks for watching, and happy cloud computing from us here at AWS.
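Two points from the video are easy to get wrong when you build this by hand: the subnet CIDR must fit inside the VPC CIDR, and a network ACL is stateless and evaluated from the lowest-numbered rule, so reply traffic on ephemeral ports needs its own outbound allow. The Python below is an added example written for this page, not code from AWS or the video; the VPC plan and ACL rules in it are constructed sample data.

```python
import ipaddress

# Constructed example data (not from the video): a VPC plan and a network ACL.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {"public-a": "10.0.1.0/24", "private-a": "10.0.2.0/24"}

def validate_subnets(vpc_cidr, subnets):
    """Each subnet CIDR must fit inside the VPC CIDR, and subnets must not
    overlap each other. Returns a list of problem strings (empty if clean)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = [f"{name} {net} is outside VPC {vpc}"
                for name, net in nets.items() if not net.subnet_of(vpc)]
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} overlap")
    return problems

# Network ACL rules: (rule number, protocol, (low port, high port), CIDR, action).
# Rules are evaluated from the lowest number; the first match wins; anything
# unmatched falls through to the implicit final '*' deny.
NACL_INBOUND = [
    (100, "tcp", (443, 443), "0.0.0.0/0", "allow"),
    (90, "tcp", (443, 443), "198.51.100.0/24", "deny"),  # lower number, checked first
]
NACL_OUTBOUND = [
    (100, "tcp", (1024, 65535), "0.0.0.0/0", "allow"),  # ephemeral ports for replies
]

def nacl_decision(rules, proto, port, ip):
    """First-match evaluation of one direction of a stateless network ACL."""
    addr = ipaddress.ip_address(ip)
    for _, r_proto, (lo, hi), cidr, action in sorted(rules, key=lambda r: r[0]):
        if r_proto == proto and lo <= port <= hi and addr in ipaddress.ip_network(cidr):
            return action
    return "deny"

def https_session_allowed(client_ip, client_port):
    """Because a network ACL is stateless, the inbound request (to port 443)
    and the outbound reply (to the client's ephemeral port) are each checked
    on their own; a security group would allow the reply automatically."""
    request = nacl_decision(NACL_INBOUND, "tcp", 443, client_ip)
    reply = nacl_decision(NACL_OUTBOUND, "tcp", client_port, client_ip)
    return request == "allow" and reply == "allow"

if __name__ == "__main__":
    print(validate_subnets(VPC_CIDR, SUBNETS))          # []
    print(https_session_allowed("203.0.113.5", 50000))  # True
    print(https_session_allowed("203.0.113.5", 1000))   # False: reply port not allowed
```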
