A Guide to AWS VPC

Shreya Nalawade

Introduction to VPC

Amazon Virtual Private Cloud (Amazon VPC) is the AWS service that lets you create and manage a logically isolated section of the Amazon Web Services (AWS) cloud in which you launch and run AWS resources. Put simply, a VPC is your own private network inside the AWS cloud.

Once you create a VPC, its IP address range, subnets, route tables, network gateways, and security settings are entirely under your control. That control lets you design the network environment to fit your workload and your security requirements, for example by keeping anything that does not need to be reachable from the internet off every path to it.



Subnets

Subnets in an AWS VPC are categorised as public or private according to whether their route table gives them a path to the internet. Here is what distinguishes the two:

  • Public Subnet: A subnet is public when its route table contains a route to an Internet Gateway (IGW). Instances in a public subnet can be given public IPv4 or Elastic IP addresses, which lets them send traffic directly to the internet and be reached from it. The IGW route alone does not expose an instance: it also needs a public address and a security group rule that admits the traffic. Public subnets are used for resources that genuinely need direct internet connectivity, such as web servers or instances hosting publicly available applications.

  • Private Subnet: A private subnet has no route to an Internet Gateway. Its instances have no public IP addresses, so to reach the internet (for package updates, for example) they send traffic through a Network Address Translation (NAT) gateway or NAT instance that itself sits in a public subnet. NAT is one-way: connections can be initiated from inside the subnet out to the internet, but nothing on the internet can initiate a connection to the instances. That is the extra layer of protection private subnets provide, and it is why they are the usual home for backend servers, databases, and other resources that should only communicate within the VPC.

Route Tables

A route table controls where traffic leaving a subnet is sent. It consists of rules (routes), each pairing a destination CIDR block with a target: the local route within the VPC, an Internet Gateway, a NAT gateway, a VPN connection, or another resource. Every subnet is associated with exactly one route table, and a subnet with no explicit association uses the VPC's main route table. That default is worth remembering: adding a 0.0.0.0/0 route to an Internet Gateway in the main route table silently turns every unassociated subnet into a public one.
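The public/private distinction above is a property of route tables, not of the subnets themselves, so it can be audited mechanically. The following Python is an added example (not code from the original post or from AWS) that classifies subnets exactly the way the two sections above describe: a subnet is public if its effective route table, explicit or main, has an active route targeting an Internet Gateway. The data structures mirror the shape of the boto3 EC2 describe_route_tables and describe_subnets responses, but the sample itself is constructed by hand so the script runs offline; the VPC, subnet, route-table and gateway IDs are made-up placeholders.

```python
"""Classify VPC subnets as public or private from route-table data.

Added example, not from the original post. Dicts are shaped like boto3's EC2
describe_route_tables / describe_subnets responses; the sample data below is
constructed by hand so the script runs offline, and every ID is a placeholder.
"""

# Constructed sample: one VPC, three subnets, three route tables.
ROUTE_TABLES = [
    {   # main table: local route only; used by any subnet with no explicit association
        "RouteTableId": "rtb-main0000",
        "VpcId": "vpc-11111111",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        ],
        "Associations": [{"Main": True, "RouteTableId": "rtb-main0000"}],
    },
    {   # public table: default route to an internet gateway
        "RouteTableId": "rtb-public00",
        "VpcId": "vpc-11111111",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-aaaaaaaa", "State": "active"},
        ],
        "Associations": [{"Main": False, "SubnetId": "subnet-web00001", "RouteTableId": "rtb-public00"}],
    },
    {   # private table: default route to a NAT gateway (outbound only)
        "RouteTableId": "rtb-private0",
        "VpcId": "vpc-11111111",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-bbbbbbbb", "State": "active"},
        ],
        "Associations": [{"Main": False, "SubnetId": "subnet-app00001", "RouteTableId": "rtb-private0"}],
    },
]

SUBNETS = [
    {"SubnetId": "subnet-web00001", "CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-app00001", "CidrBlock": "10.0.2.0/24", "MapPublicIpOnLaunch": False},
    # no explicit association, so this one falls back to the main route table
    {"SubnetId": "subnet-db000001", "CidrBlock": "10.0.3.0/24", "MapPublicIpOnLaunch": False},
]


def effective_route_table(subnet_id, route_tables):
    """Return the route table that applies to a subnet.

    An explicit association wins; otherwise the VPC's main table applies.
    """
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def has_igw_route(route_table):
    """True if the table has an active route whose target is an internet gateway.

    The destination prefix is deliberately ignored: any IGW route, not only
    0.0.0.0/0, makes the subnet public by AWS's definition.
    """
    return any(
        r.get("State") == "active" and r.get("GatewayId", "").startswith("igw-")
        for r in route_table.get("Routes", [])
    )


def classify_subnets(subnets, route_tables):
    """Map each subnet ID to its kind, its effective route table, and whether
    instances launched there get a public IP automatically.

    MapPublicIpOnLaunch is reported separately: an instance in a public subnet
    is only reachable from the internet if it also has a public or Elastic IP.
    """
    result = {}
    for s in subnets:
        rt = effective_route_table(s["SubnetId"], route_tables)
        public = rt is not None and has_igw_route(rt)
        result[s["SubnetId"]] = {
            "kind": "public" if public else "private",
            "route_table": rt["RouteTableId"] if rt else None,
            "auto_public_ip": bool(s.get("MapPublicIpOnLaunch")),
        }
    return result


if __name__ == "__main__":
    for subnet_id, info in classify_subnets(SUBNETS, ROUTE_TABLES).items():
        print(subnet_id, info)
```

Run against a real account, the same functions take the `RouteTables` and `Subnets` lists returned by boto3 unchanged. The db subnet in the sample is the interesting case: it is private only because the main route table has no IGW route, so adding one there would flip it to public without anyone touching the subnet.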

Internet Gateway

An Internet Gateway (IGW) is a horizontally scaled, redundant, highly available AWS component that allows communication between instances in your VPC and the internet. It is the target for internet-bound routes and is what lets resources in public subnets connect directly to the internet.

Security Groups

Security Groups act as virtual firewalls for the resources in a VPC. They control inbound and outbound traffic at the instance (network interface) level through rules that permit traffic based on protocol, port range, and source or destination (a CIDR block or another security group). Two properties matter for how you use them. First, security group rules are allow rules only: anything not explicitly allowed is denied, and there is no way to write a deny rule (network ACLs are the VPC feature for that). Second, they are stateful, so the response to allowed traffic is permitted automatically. The most common mistake is an inbound rule for SSH (port 22) or RDP (port 3389) with source 0.0.0.0/0, which makes the instance reachable from the whole internet.
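Because security groups are allow-lists, the audit question is simply "which allow rules admit the whole internet, and to what?". The Python below is an added example (not code from the original post or from AWS) that flags inbound rules open to 0.0.0.0/0 or ::/0 when they cover every port or any of a small set of sensitive ports. The input follows the shape of boto3's EC2 describe_security_groups response, but the two groups are constructed by hand so the check runs offline; the group and VPC IDs and the port list are placeholders you would adapt.

```python
"""Flag security-group inbound rules that are open to the whole internet.

Added example, not from the original post. Input is shaped like boto3's EC2
describe_security_groups response; the sample groups are constructed by hand
so the check runs offline, and the group and VPC IDs are placeholders.
"""

# Ports that should never be reachable from the whole internet (adjust to taste).
SENSITIVE_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql", 5432: "postgres",
                   6379: "redis", 27017: "mongodb"}
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample: a sensible web-tier group and a sloppy bastion group.
SECURITY_GROUPS = [
    {
        "GroupId": "sg-web00001", "GroupName": "web", "VpcId": "vpc-11111111",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
        ],
    },
    {
        "GroupId": "sg-bastion1", "GroupName": "bastion", "VpcId": "vpc-11111111",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}],
             "UserIdGroupPairs": []},
            # IpProtocol "-1" means all protocols and all ports; no FromPort/ToPort keys
            {"IpProtocol": "-1",
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
        ],
    },
]


def rule_sources(perm):
    """All CIDR sources of one inbound rule, IPv4 and IPv6 alike."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def ports_covered(perm):
    """(from, to) port range of a rule, or None when the rule covers every port."""
    if perm.get("IpProtocol") == "-1":
        return None
    return perm.get("FromPort"), perm.get("ToPort")


def audit_security_groups(groups):
    """Return (group_id, what, sources) findings for internet-open inbound rules.

    Security groups have no deny rules, so each finding points at an allow rule
    that must itself be narrowed or removed. A rule is reported when it is open
    to ANYWHERE and either covers all ports or includes a SENSITIVE_PORTS port.
    """
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            open_sources = [s for s in rule_sources(perm) if s in ANYWHERE]
            if not open_sources:
                continue
            rng = ports_covered(perm)
            if rng is None:
                findings.append((g["GroupId"], "all traffic", open_sources))
                continue
            lo, hi = rng
            for port, name in SENSITIVE_PORTS.items():
                if lo <= port <= hi:
                    findings.append((g["GroupId"], f"{name}/{port}", open_sources))
    return findings


if __name__ == "__main__":
    for group_id, what, sources in audit_security_groups(SECURITY_GROUPS):
        print(f"{group_id}: {what} open to {', '.join(sources)}")
```

The web group produces no findings: HTTPS open to the world is the intended exposure, and its SSH rule is limited to the VPC's own range. The bastion group produces two, one for SSH open over both IPv4 and IPv6 and one for the all-traffic rule. Note that the check looks only at CIDR sources; rules whose source is another security group (UserIdGroupPairs) are internal by construction and are skipped.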

To explore more, visit the AWS Documentation.
