AWS VPC Overview

Virtual Private Cloud

VPC, or Virtual Private Cloud, is, as the name suggests, a private network that you build on AWS.

It comprises:

Subnet: Subnets are smaller address ranges within a VPC in which EC2 instances reside; each subnet is associated with a Route Table.
Route Table: Tables that carry the next-hop details for reaching a subnet.
Main Route Table: The default Route Table. A subnet that is not explicitly associated with any Route Table is associated with the Main Route Table.
Access Control List: Network ACLs are stateless and are defined at the subnet level. They allow or deny a particular subnet/IP address from reaching the associated subnet. Because they are stateless, rules must be defined in both directions (inbound and outbound).
Security Group: Security Groups are stateful and are applied to every instance to permit or block flows/subnets/IP addresses.
Internet Gateway: A gateway attached to a VPC to allow connectivity towards the internet.
NAT Gateway: For private subnets to access the internet it is advisable to go via a NAT Gateway. NAT Gateways generally reside in a public subnet and have an Elastic IP associated. They are limited to a single Availability Zone and do not span more than one Availability Zone.
NAT Instance: EC2 instances residing in a public subnet that provide NAT capability, i.e. internet connectivity, for the private subnets.
Reserved IP ranges: AWS reserves 5 IP addresses in each subnet. The first IP of the subnet is reserved for the VPC router.
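The stateless-versus-stateful distinction above is the one that most often bites in practice, so here is an added Terraform example (not from the original post) that shows it side by side. It assumes a VPC named aws_vpc.main and a private subnet aws_subnet.private already exist, and that 10.0.1.0/24 is the public subnet's range.

```hcl
# Assumed to exist elsewhere in the configuration: aws_vpc.main, aws_subnet.private.
# Assumed public subnet range (constructed for this example): 10.0.1.0/24

# Network ACL: stateless, attached to the subnet, evaluated lowest rule number
# first, with an implicit deny (rule 32767) at the end. Return traffic is NOT
# tracked, so it must be allowed explicitly in the opposite direction.
resource "aws_network_acl" "private" {
  vpc_id     = aws_vpc.main.id
  subnet_ids = [aws_subnet.private.id]

  # Inbound: only HTTPS from the public subnet.
  ingress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "10.0.1.0/24"
    from_port  = 443
    to_port    = 443
  }

  # Outbound: replies leave on the client's ephemeral port. Without this rule
  # the TCP handshake above never completes even though inbound 443 is allowed.
  egress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "10.0.1.0/24"
    from_port  = 1024
    to_port    = 65535
  }
}

# Security Group: stateful, attached to the instance's network interface.
# A reply to permitted inbound traffic is let out automatically.
resource "aws_security_group" "app" {
  name   = "app-https"
  vpc_id = aws_vpc.main.id

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["10.0.1.0/24"]
  }
  # No egress block is needed for the return traffic. Note that when Terraform
  # manages a security group without an egress block it removes AWS's default
  # allow-all egress rule, so add one only for connections the instance itself
  # must initiate (for example, reaching the internet through the NAT Gateway).
}
```

When auditing a subnet, check that every NACL allow rule has a matching rule for the ephemeral return range in the other direction; a rule that looks permissive in one direction can still silently break a flow.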

The image below provides a pictorial view of the AWS VPC, depicting its components and their positioning relative to one another.



Hope you had a great read!
