Your VPC
- A virtual private cloud (VPC) is a virtual network that closely resembles a traditional network you would operate in your own data center, with the benefit of AWS's scalable infrastructure.
- It is logically isolated from the other virtual networks in the AWS cloud.
- By default a maximum of five VPCs per region and 200 subnets per VPC can be created (these are adjustable service quotas).
- By default a maximum of five Elastic IP addresses can be allocated per region (also an adjustable quota).
- When a VPC is created, a main route table, a default network ACL, a default security group and a DHCP options set are created automatically.
- A VPC is confined to one AWS region and doesn't extend between regions.
- Allows multiple layers of security: network ACLs at the subnet boundary, security groups on each instance, route tables that decide which subnets can reach an Internet gateway, VPN, etc.
Architectures
Components of VPC
Some of the components of the VPC are -
- Implied router and route tables
- Security Group
- Network ACL
- Virtual private gateway
- Peering connection
- Elastic IP
Types of VPC
There are two types of VPC -
Default VPC
- Created in each AWS region when an AWS account is created.
- Has default CIDR (172.31.0.0/16), Security Group, Network ACL and Route Table settings.
- Has an Internet gateway by default, with a public subnet in each Availability Zone routed to it; instances launched into those subnets receive a public IP by default.
Custom VPC
- Created by the AWS account user.
- The AWS user decides the CIDR and the subnets.
- Has its own Security Group, Network ACL and Route Table.
- Doesn't have an Internet gateway by default; one needs to be created and attached if needed.
When you create a custom VPC you must, in this order -
- Create the VPC
- Create the subnets
- Create an Internet gateway and attach it to the VPC
- Define the route table (add a route to the Internet gateway and associate it with the subnets that should be public)
(must be in sequence, since each step depends on the resource created in the one before)
Points to remember
- Once the VPC is created you can't change its primary CIDR block.
- If you need a different primary CIDR, create a new VPC.
- The CIDR blocks of the different subnets within a VPC cannot overlap.
- You can however expand your VPC by associating additional (secondary) IPv4 CIDR blocks that don't overlap the existing ones (except in AWS GovCloud (US) and the AWS China regions).
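The creation steps and the points to remember above can be put together in one script. This is an added example, not code from the original notes: it first checks a planned layout offline against the CIDR rules (blocks between /16 and /28, no overlap between the primary and secondary VPC ranges, no overlap between subnets, every subnet inside one of the VPC blocks), then creates the resources in the required order (VPC, subnets, Internet gateway, route table) through the boto3 EC2 client methods create_vpc, associate_vpc_cidr_block, create_subnet, create_internet_gateway, attach_internet_gateway, create_route_table, create_route and associate_route_table. The RecordingEc2 class and the EXAMPLE layout (10.0.0.0/16 with a 10.1.0.0/16 secondary range, one public and two private subnets) are constructed for this example so it runs without AWS credentials; the resource names and the five reserved addresses per subnet are AWS facts, everything else is assumed.

```python
"""Added example, not from the original notes: validate a custom VPC layout offline,
then create it in the order the notes require (VPC -> subnets -> IGW -> route table)."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List

MIN_PREFIX, MAX_PREFIX = 16, 28   # AWS: VPC and subnet IPv4 blocks must be /16 .. /28
RESERVED_PER_SUBNET = 5           # AWS reserves the first four and the last address

@dataclass
class SubnetSpec:
    name: str
    cidr: str
    az: str
    public: bool = False          # public subnets get a route to the Internet gateway

@dataclass
class VpcPlan:
    primary_cidr: str             # fixed once the VPC exists
    secondary_cidrs: List[str] = field(default_factory=list)   # may be added later
    subnets: List[SubnetSpec] = field(default_factory=list)

def validate_plan(plan: VpcPlan) -> List[str]:
    """Apply the 'Points to remember' rules before any API call; returns the violations."""
    errors: List[str] = []
    vpc_blocks = [ipaddress.ip_network(c) for c in [plan.primary_cidr] + plan.secondary_cidrs]
    for blk in vpc_blocks:
        if not MIN_PREFIX <= blk.prefixlen <= MAX_PREFIX:
            errors.append(f"VPC block {blk} is not between /{MIN_PREFIX} and /{MAX_PREFIX}")
    for i, a in enumerate(vpc_blocks):            # primary and secondary ranges may not overlap
        errors += [f"VPC blocks {a} and {b} overlap" for b in vpc_blocks[i + 1:] if a.overlaps(b)]
    subnet_blocks = [ipaddress.ip_network(s.cidr) for s in plan.subnets]
    for s, blk in zip(plan.subnets, subnet_blocks):
        if not any(blk.subnet_of(v) for v in vpc_blocks):
            errors.append(f"subnet {s.name} ({blk}) lies outside every VPC block")
        if blk.prefixlen > MAX_PREFIX:
            errors.append(f"subnet {s.name} ({blk}) is smaller than /{MAX_PREFIX}")
    for i, a in enumerate(subnet_blocks):         # subnets inside one VPC may not overlap
        errors += [f"subnets {a} and {b} overlap" for b in subnet_blocks[i + 1:] if a.overlaps(b)]
    return errors

def usable_hosts(cidr: str) -> int:
    """Addresses left for instances after the five AWS reserves in every subnet."""
    return ipaddress.ip_network(cidr).num_addresses - RESERVED_PER_SUBNET

def build_vpc(ec2, plan: VpcPlan) -> Dict[str, object]:
    """Create the resources in dependency order. `ec2` is boto3.client("ec2") or any
    object with the same method names (RecordingEc2 below is an offline stand-in)."""
    errors = validate_plan(plan)
    if errors:
        raise ValueError("; ".join(errors))
    ids: Dict[str, object] = {"subnets": {}}
    vpc_id = ids["vpc"] = ec2.create_vpc(CidrBlock=plan.primary_cidr)["Vpc"]["VpcId"]
    for extra in plan.secondary_cidrs:            # expand the address space
        ec2.associate_vpc_cidr_block(VpcId=vpc_id, CidrBlock=extra)
    for s in plan.subnets:                        # subnets need the VPC to exist first
        sn = ec2.create_subnet(VpcId=vpc_id, CidrBlock=s.cidr, AvailabilityZone=s.az)
        ids["subnets"][s.name] = sn["Subnet"]["SubnetId"]
    public = [s for s in plan.subnets if s.public]
    if public:
        # Separate route table for public subnets only. The main route table created with
        # the VPC keeps just the local route, so any subnet not associated here has no
        # path to the Internet gateway and stays private by default.
        igw_id = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
        ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
        rtb_id = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
        ec2.create_route(RouteTableId=rtb_id, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)
        for s in public:
            ec2.associate_route_table(RouteTableId=rtb_id, SubnetId=ids["subnets"][s.name])
        ids["igw"], ids["public_rtb"] = igw_id, rtb_id
    return ids

class RecordingEc2:
    """Constructed stand-in for boto3.client("ec2"): records call order, returns fake IDs."""
    _ID_KEYS = {"create_vpc": ("Vpc", "VpcId"), "create_subnet": ("Subnet", "SubnetId"),
                "create_internet_gateway": ("InternetGateway", "InternetGatewayId"),
                "create_route_table": ("RouteTable", "RouteTableId")}

    def __init__(self):
        self.calls: List[str] = []

    def __getattr__(self, name):
        def call(**kwargs):
            self.calls.append(name)
            if name in self._ID_KEYS:
                outer, inner = self._ID_KEYS[name]
                return {outer: {inner: f"{inner.lower()}-{len(self.calls):04d}"}}
            return {"Return": True}
        return call

# Constructed layout: one public and two private subnets, plus a secondary range.
EXAMPLE = VpcPlan("10.0.0.0/16", secondary_cidrs=["10.1.0.0/16"], subnets=[
    SubnetSpec("public-a", "10.0.0.0/24", "us-east-1a", public=True),
    SubnetSpec("private-a", "10.0.1.0/24", "us-east-1a"),
    SubnetSpec("private-b", "10.1.0.0/24", "us-east-1b"),
])
```

To run it against a real account, pass `boto3.client("ec2")` to `build_vpc` instead of `RecordingEc2()`. The design choice worth noting is that the 0.0.0.0/0 route goes into a new route table associated only with the subnets marked public; leaving the main route table with just the local route means a subnet that someone forgets to associate is private, not accidentally exposed.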