A Virtual Private Cloud (VPC) is a logically isolated section of the AWS cloud. You can create your own VPC in the AWS cloud.

With Amazon VPC, you get full control over your network configurations.

With Amazon VPC, you get several layers of security.

Many key AWS services such as EC2, S3, RDS, and ElastiCache deploy directly into Amazon VPC.

An Amazon VPC spans only one region and can use all Availability Zones (AZs) within that region.

A VPC is divided into subnets. Each subnet is tied to a single AZ; subnets cannot span multiple AZs.

Routing tables are used to control traffic. Route 53 is an AWS service that provides this service.

An Internet Gateway (IGW) is configured to grant and control access to the Internet. A NAT gateway allows resources in private subnets to reach the Internet. Network Access Control Lists (NACLs) control access to subnets.

To create a VPC:

  1. Log into your console
  2. Choose IP
  3. Create subnet(s)
  4. Add IGW

Example:

Suppose you want to set up a basic infrastructure with three tiers: a load balancer tier, an application tier, and a database tier. Create a separate subnet for each tier; each subnet provides 256 unique IP addresses. The subnets are duplicated across multiple AZs. The Elastic Load Balancer (ELB) spans multiple AZs. EC2 instances are created for the application tier and RDS instances for the database tier. They are replicated across AZs but remain isolated from one another. The network is configured to grant each tier the proper access.
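As an added example (not part of the original notes), here is a Python script that plans the three-tier, multi-AZ subnet layout described above: it carves non-overlapping /24 blocks (256 addresses each) out of an assumed 10.0.0.0/16 VPC, marks only the load-balancer tier as public, checks that database subnets are never public, and prints the matching aws ec2 create-subnet commands. The VPC CIDR, AZ names and the vpc-PLACEHOLDER id are constructed values.

```python
import ipaddress

# Constructed example values: a /16 VPC split into /24 subnets (256 addresses each),
# one subnet per tier per AZ, matching the three-tier layout above.
VPC_CIDR = "10.0.0.0/16"
TIERS = ("lb", "app", "db")           # load balancer, application, database
AZS = ("us-east-1a", "us-east-1b")    # assumed AZ names
PUBLIC_TIERS = {"lb"}                 # only the load balancer tier gets an IGW route


def plan_subnets(vpc_cidr=VPC_CIDR, tiers=TIERS, azs=AZS,
                 public_tiers=PUBLIC_TIERS, prefix=24):
    """Return one dict per (tier, az), each with its own non-overlapping /24."""
    vpc = ipaddress.ip_network(vpc_cidr)
    blocks = vpc.subnets(new_prefix=prefix)   # successive /24s inside the VPC
    plan = []
    for tier in tiers:
        for az in azs:
            plan.append({
                "tier": tier,
                "az": az,
                "cidr": str(next(blocks)),
                "public": tier in public_tiers,
            })
    return plan


def check_plan(plan):
    """True if no two subnets overlap and no database subnet is public."""
    nets = [ipaddress.ip_network(s["cidr"]) for s in plan]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                return False
    return all(not s["public"] for s in plan if s["tier"] == "db")


def cli_commands(plan, vpc_id="vpc-PLACEHOLDER"):
    """Emit the aws ec2 create-subnet calls for the plan (placeholder VPC id)."""
    return [
        f"aws ec2 create-subnet --vpc-id {vpc_id} --cidr-block {s['cidr']} "
        f"--availability-zone {s['az']}"
        for s in plan
    ]


if __name__ == "__main__":
    p = plan_subnets()
    assert check_plan(p), "subnet plan failed safety checks"
    for line in cli_commands(p):
        print(line)
```

Public subnets are the only ones whose route table should point at the IGW; the app and db subnets reach out, if at all, through a NAT gateway.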